Submitted URL: http://subject.com.ua/
Effective URL: https://subject.com.ua/
Submission: On July 05 via api from GB — Scanned from GB

Summary

This website contacted 103 IPs in 16 countries across 98 domains to perform 649 HTTP transactions. The main IP is 31.131.26.2, located in Ukraine and belongs to VPS-UA-AS, UA. The main domain is subject.com.ua.
TLS certificate: Issued by R3 on June 12th 2022. Valid for: 3 months.
This is the only time subject.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 31.131.26.2 56851 (VPS-UA-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
47 2a00:1450:400... 15169 (GOOGLE)
6 51.91.60.38 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
4 2a03:90c0:41:... 199524 (GCORE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 9 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
13 51.79.79.65 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
18 142.250.185.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
14 37.157.4.24 198622 (ADFORM)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
7 24 185.33.221.14 29990 (ASN-APPNEX)
5 147.75.85.234 54825 (PACKET)
10 212.77.99.29 12827 (WIRTUALNA...)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
50 2606:4700:10:... 13335 (CLOUDFLAR...)
5 178.250.0.165 44788 (ASN-CRITE...)
5 135.125.163.79 16276 (OVH)
5 185.184.8.90 204995 (RTB-HOUSE...)
1 15 51.75.86.98 16276 (OVH)
9 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
12 48 142.250.184.226 15169 (GOOGLE)
4 22 104.18.18.126 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
15 51.79.20.94 16276 (OVH)
40 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
10 2a02:2638::3 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 54.171.241.185 16509 (AMAZON-02)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
1 1 159.65.196.12 14061 (DIGITALOC...)
2 2 194.190.76.41 48061 (UMA-TECH-AS)
2 5 37.157.3.30 198622 (ADFORM)
3 8 213.19.147.44 26120 (RHYTHMONE)
1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
2 2600:9000:224... 16509 (AMAZON-02)
2 3 159.122.14.34 36351 (SOFTLAYER)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.186.193.173 15169 (GOOGLE)
1 178.162.133.149 60781 (LEASEWEB-...)
1 6 2600:9000:223... 16509 (AMAZON-02)
1 54.74.12.230 16509 (AMAZON-02)
1 1 104.90.104.26 16625 (AKAMAI-AS)
2 84.17.46.54 60068 (CDN77 ^_^)
1 178.250.2.148 44788 (ASN-CRITE...)
9 142.250.74.194 15169 (GOOGLE)
1 213.202.235.9 24961 (MYLOC-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
3 4 35.244.159.8 15169 (GOOGLE)
2 23.35.237.56 16625 (AKAMAI-AS)
5 2600:1f18:1ac... 14618 (AMAZON-AES)
1 64.233.166.155 15169 (GOOGLE)
1 2600:1f18:612... 14618 (AMAZON-AES)
3 4 185.94.180.125 35220 (SPOTX-AMS)
3 4 2001:678:cb4:... 56396 (AMOBEE)
1 2 151.101.194.49 54113 (FASTLY)
2 5 2a05:d018:d29... 16509 (AMAZON-02)
4 14 104.36.113.23 62713 (AS-PUBMATIC)
2 185.86.137.108 201081 (SMARTADSE...)
6 18.193.215.198 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
7 9 18.156.0.31 16509 (AMAZON-02)
1 2 23.35.229.117 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 213.155.156.168 1299 (TWELVE99 ...)
7 7 72.251.249.13 29791 (VOXEL-DOT...)
2 3 108.128.165.171 16509 (AMAZON-02)
4 199.101.135.227 40824 (WZCOM-)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 139.162.23.100 63949 (LINODE-AP...)
1 1 195.209.111.4 52007 (ADRIVER-AS)
1 35.186.253.211 15169 (GOOGLE)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
2 52.223.40.198 16509 (AMAZON-02)
5 104.90.104.226 16625 (AKAMAI-AS)
10 104.90.104.242 16625 (AKAMAI-AS)
5 212.77.98.32 12827 (WIRTUALNA...)
10 10 141.95.98.71 16276 (OVH)
5 5 18.235.201.30 14618 (AMAZON-AES)
5 5 23.35.228.23 16625 (AKAMAI-AS)
10 11 188.42.191.196 7979 (SERVERS-COM)
6 104.18.19.126 13335 (CLOUDFLAR...)
1 2 209.54.176.128 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 18.158.37.200 16509 (AMAZON-02)
2 2 64.202.112.223 23352 (SERVERCEN...)
2 2 18.193.237.214 16509 (AMAZON-02)
2 2 51.178.20.139 16276 (OVH)
1 1 34.193.246.29 14618 (AMAZON-AES)
1 52.30.130.246 16509 (AMAZON-02)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 1 34.255.241.13 16509 (AMAZON-02)
1 52.16.40.114 16509 (AMAZON-02)
1 66.155.71.25 13768 (COGECO-PEER1)
1 72.251.245.179 29791 (VOXEL-DOT...)
1 38.91.45.7 398989 (DEEPINTENT)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.192.82.213 14618 (AMAZON-AES)
2 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 195.201.152.105 24940 (HETZNER-AS)
1 185.86.137.113 201081 (SMARTADSE...)
1 64.202.112.127 23352 (SERVERCEN...)
1 46.249.52.249 50673 (SERVERIUS-AS)
649 103
Apex Domain
Subdomains
Transfer
94 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
pubads.g.doubleclick.net — Cisco Umbrella Rank: 487
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287
bid.g.doubleclick.net — Cisco Umbrella Rank: 465
435 KB
92 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 273
731 KB
50 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 10756
sync.quantumdex.io — Cisco Umbrella Rank: 4819
9 KB
43 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
gcdn.2mdn.net — Cisco Umbrella Rank: 883
r5---sn-aigl6n7z.c.2mdn.net — Cisco Umbrella Rank: 567334
2 MB
34 vdo.ai
a.vdo.ai — Cisco Umbrella Rank: 17803
analytics.vdo.ai — Cisco Umbrella Rank: 17266
targeting.vdo.ai — Cisco Umbrella Rank: 20801
h5.vdo.ai — Cisco Umbrella Rank: 22114
5 MB
32 google.com
cse.google.com — Cisco Umbrella Rank: 3240
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com — Cisco Umbrella Rank: 92
clients1.google.com — Cisco Umbrella Rank: 582
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2184
262 KB
29 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
acdn.adnxs.com — Cisco Umbrella Rank: 591
secure.adnxs.com — Cisco Umbrella Rank: 408
105 KB
28 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
dsum.casalemedia.com — Cisco Umbrella Rank: 1295
27 KB
25 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 520 Failed
image6.pubmatic.com — Cisco Umbrella Rank: 629
ads.pubmatic.com — Cisco Umbrella Rank: 488
61 KB
19 adform.net
adx.adform.net — Cisco Umbrella Rank: 3956
c1.adform.net — Cisco Umbrella Rank: 583
5 KB
16 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
2 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 744
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13468
ads.eu.criteo.com — Cisco Umbrella Rank: 7052
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8884
gum.criteo.com — Cisco Umbrella Rank: 391
mug.criteo.com — Cisco Umbrella Rank: 2727
58 KB
14 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479
ups.analytics.yahoo.com — Cisco Umbrella Rank: 299
6 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
pix.eu.criteo.net — Cisco Umbrella Rank: 6881
csm.eu.criteo.net — Cisco Umbrella Rank: 7033
105 KB
11 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2197
7 KB
11 connectad.io
i.connectad.io — Cisco Umbrella Rank: 6911
cdn.connectad.io — Cisco Umbrella Rank: 4190
sync-eu.connectad.io — Cisco Umbrella Rank: 3137
4 KB
10 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 550
13 KB
10 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 27846
2 KB
9 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 536
static.adsafeprotected.com — Cisco Umbrella Rank: 562
dt.adsafeprotected.com — Cisco Umbrella Rank: 481
96 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
326 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 660
4 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
205 B
6 media.net
cs.media.net — Cisco Umbrella Rank: 1523
hbx.media.net — Cisco Umbrella Rank: 1351
3 KB
6 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
2 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3080
582 B
6 dev2pub.com
tag.eu.dev2pub.com — Cisco Umbrella Rank: 229008
api.eu.dev2pub.com — Cisco Umbrella Rank: 188152
578 KB
5 otm-r.com
ssp.otm-r.com — Cisco Umbrella Rank: 114707
1 KB
5 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 4219
1 KB
5 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 32941
80 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 387
rtb.openx.net — Cisco Umbrella Rank: 1589
1 KB
5 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6442
880 B
5 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7559
4 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1220
835 B
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2518
mp.4dex.io — Cisco Umbrella Rank: 3646
47 KB
5 subject.com.ua
subject.com.ua
38 KB
4 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 13543
98 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 801
r.turn.com — Cisco Umbrella Rank: 2975
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
3 KB
4 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4608
1 KB
4 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 40667
84 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 534
b1h.zemanta.com — Cisco Umbrella Rank: 4247
754 B
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 4129
ad.360yield.com — Cisco Umbrella Rank: 642
955 B
3 gstatic.com
csi.gstatic.com
398 B
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1255
ww1097.smartadserver.com — Cisco Umbrella Rank: 28090
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
1 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 425
www.googleapis.com — Cisco Umbrella Rank: 53
329 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
119 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 44745
get.optad360.io — Cisco Umbrella Rank: 26439
660 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1269
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 790
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
440 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 286
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
653 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4852
651 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2942
casale-match.dotomi.com — Cisco Umbrella Rank: 3187
290 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 681
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
796 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 938
344 B
2 admost.com
run.admost.com — Cisco Umbrella Rank: 80631
96 B
2 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3055
p.rfihub.com — Cisco Umbrella Rank: 775
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 540
2 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 10669
966 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
52 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
3 KB
2 google.ae
adservice.google.ae — Cisco Umbrella Rank: 119687
914 B
1 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6853
157 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
1 KB
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 4439
399 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 908
414 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 755
380 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 922
222 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1459
408 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 587
191 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 474
430 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1568
112 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
683 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2399
234 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 443
506 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5237
233 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 14142
342 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 17337
560 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12943
554 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 888
183 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11552
1 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 670
35 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1050
474 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 34958
609 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
834 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 21560
439 B
1 torchad.com
rtb2-useast.torchad.com — Cisco Umbrella Rank: 21962
233 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2661
550 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
699 B
0 smilewanted.com Failed
prebid.smilewanted.com Failed
0 wbtrk.net Failed
um.wbtrk.net Failed
649 98
Domain Requested by
48 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
subject.com.ua
ssum-sec.casalemedia.com
47 pagead2.googlesyndication.com subject.com.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
45 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
40 s0.2mdn.net imasdk.googleapis.com
subject.com.ua
s0.2mdn.net
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
34 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
s0.2mdn.net
imasdk.googleapis.com
pagead2.googlesyndication.com
24 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
subject.com.ua
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
23 ib.adnxs.com 7 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
ssum-sec.casalemedia.com
tag.eu.dev2pub.com
22 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
16 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
subject.com.ua
15 h5.vdo.ai subject.com.ua
a.vdo.ai
15 onetag-sys.com 1 redirects get.optad360.io
sync.quantumdex.io
tag.eu.dev2pub.com
14 image6.pubmatic.com 4 redirects ads.pubmatic.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
subject.com.ua
14 adx.adform.net get.optad360.io
tag.eu.dev2pub.com
13 analytics.vdo.ai a.vdo.ai
11 ads.betweendigital.com 10 redirects tag.eu.dev2pub.com
10 id5-sync.com 10 redirects
10 ads.pubmatic.com get.optad360.io
sync.quantumdex.io
10 static.criteo.net get.optad360.io
static.criteo.net
ads.eu.criteo.com
10 ssp.wp.pl get.optad360.io
9 ups.analytics.yahoo.com 7 redirects ssum-sec.casalemedia.com
9 googleads4.g.doubleclick.net subject.com.ua
googleads.g.doubleclick.net
9 www.googletagservices.com googleads.g.doubleclick.net
www.googletagservices.com
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
9 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
subject.com.ua
9 www.google.com 1 redirects cse.google.com
www.google.com
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 ap.lijit.com 7 redirects
6 match.sharethrough.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
sync.quantumdex.io
6 s.ad.smaato.net 1 redirects sync.quantumdex.io
6 db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
5 ssp.otm-r.com tag.eu.dev2pub.com
5 ade.googlesyndication.com subject.com.ua
5 ssum-sec.casalemedia.com sync.quantumdex.io
5 usermatch.targeting.unrulymedia.com sync.quantumdex.io
5 hbx.media.net 5 redirects
5 ssp.disqus.com 5 redirects
5 std.wpcdn.pl ssp.wp.pl
5 cdn.connectad.io get.optad360.io
5 acdn.adnxs.com get.optad360.io
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
5 dt.adsafeprotected.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
5 c1.adform.net 2 redirects ssum-sec.casalemedia.com
5 prebid-eu.creativecdn.com get.optad360.io
5 rtb.adxpremium.services get.optad360.io
5 bidder.criteo.com get.optad360.io
5 useast.quantumdex.io get.optad360.io
5 i.connectad.io get.optad360.io
5 prebid.a-mo.net get.optad360.io
5 a.vdo.ai subject.com.ua
a.vdo.ai
5 subject.com.ua 1 redirects subject.com.ua
serving.stat-rock.com
4 gum.criteo.com 2 redirects static.criteo.net
4 serving.stat-rock.com get.optad360.io
subject.com.ua
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 adservice.google.co.uk securepubads.g.doubleclick.net
imasdk.googleapis.com
4 script.4dex.io get.optad360.io
script.4dex.io
tag.eu.dev2pub.com
4 api.eu.dev2pub.com tag.eu.dev2pub.com
4 cdn.admixer.net subject.com.ua
cdn.admixer.net
3 mug.criteo.com subject.com.ua
3 csi.gstatic.com imasdk.googleapis.com
3 ad.turn.com 3 redirects
3 um.simpli.fi 2 redirects ssum-sec.casalemedia.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
subject.com.ua
3 www.googletagmanager.com subject.com.ua
a.vdo.ai
www.googletagmanager.com
2 gu.dyntrk.com 2 redirects
2 pm.w55c.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 x.bidswitch.net ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 match.adsrvr.org get.optad360.io
ssum-sec.casalemedia.com
2 match.360yield.com 2 redirects
2 d5p.de17a.com 2 redirects
2 r5---sn-aigl6n7z.c.2mdn.net subject.com.ua
2 ads.stickyadstv.com 1 redirects googleads.g.doubleclick.net
2 ssbsync.smartadserver.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
2 sync-tm.everesttech.net 1 redirects ssum-sec.casalemedia.com
2 sync.teads.tv googleads.g.doubleclick.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 run.admost.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
s0.2mdn.net
2 static.adsafeprotected.com pixel.adsafeprotected.com
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 px.adhigh.net 2 redirects
2 pixel.adsafeprotected.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
2 www.youtube.com a.vdo.ai
www.youtube.com
2 cdn.jsdelivr.net get.optad360.io
a.vdo.ai
2 adservice.google.ae pagead2.googlesyndication.com
2 imasdk.googleapis.com a.vdo.ai
imasdk.googleapis.com
2 get.optad360.io subject.com.ua
get.optad360.io
2 cse.google.com subject.com.ua
www.google.com
2 tag.eu.dev2pub.com subject.com.ua
tag.eu.dev2pub.com
1 pbjs.e-planning.net tag.eu.dev2pub.com
1 b1h.zemanta.com tag.eu.dev2pub.com
1 ww1097.smartadserver.com tag.eu.dev2pub.com
1 mp.4dex.io tag.eu.dev2pub.com
1 ad.360yield.com tag.eu.dev2pub.com
1 fastlane.rubiconproject.com tag.eu.dev2pub.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 s.company-target.com 1 redirects
1 csync.loopme.me 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 match.deepintent.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 sync.mathtag.com 1 redirects
1 dpm.demdex.net ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 sync-eu.connectad.io cdn.connectad.io
1 dsp.adkernel.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 rtb.openx.net db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 ssp.adriver.ru 1 redirects
1 a.c.appier.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 dclk-match.dotomi.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 r.turn.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 m.exactag.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 cs.media.net 1 redirects
1 ads.yieldmo.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 sync.go.sonobi.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 ads.avads.net 1 redirects
1 a.rfihub.com 1 redirects
1 rtb2-useast.torchad.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ads.eu.criteo.com db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com subject.com.ua
1 hbopenbid.pubmatic.com get.optad360.io
1 targeting.vdo.ai a.vdo.ai
1 clients1.google.com subject.com.ua
1 www.googleapis.com subject.com.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cmp.optad360.io subject.com.ua
0 prebid.smilewanted.com Failed tag.eu.dev2pub.com
0 um.wbtrk.net Failed db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
649 149
Subject Issuer Validity Valid
subject.com.ua
R3
2022-06-12 -
2022-09-10
3 months crt.sh
*.optad360.io
Amazon
2021-11-17 -
2022-12-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
tag.eu.dev2pub.com
R3
2022-05-08 -
2022-08-06
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-17 -
2023-06-17
a year crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.vdo.ai
Go Daddy Secure Certificate Authority - G2
2021-08-17 -
2022-09-18
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
api.eu.dev2pub.com
R3
2022-05-08 -
2022-08-06
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.ae
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.a-mo.net
R3
2022-07-04 -
2022-10-02
3 months crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-10 -
2023-03-15
a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3
2022-04-15 -
2023-04-15
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2021-08-05 -
2022-09-05
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-18 -
2022-08-13
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-27 -
2022-08-25
3 months crt.sh
*.torchad.com
AlphaSSL CA - SHA256 - G2
2021-09-20 -
2022-10-22
a year crt.sh
static.adsafeprotected.com
Amazon
2021-09-05 -
2022-10-04
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.yieldmo.com
Amazon
2022-04-25 -
2023-05-24
a year crt.sh
*.admost.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-01 -
2022-12-11
a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-22 -
2022-08-24
3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2021-08-16 -
2022-09-14
a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-12 -
2022-09-12
3 months crt.sh
teads.tv
R3
2022-06-01 -
2022-08-30
3 months crt.sh
dt.adsafeprotected.com
Amazon
2022-04-10 -
2023-05-08
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
serving.stat-rock.com
R3
2022-07-03 -
2022-10-01
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2
2021-12-30 -
2023-01-31
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-05-13 -
2023-05-15
a year crt.sh
s.ad.smaato.net
Amazon
2021-09-21 -
2022-10-20
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-09 -
2023-05-09
a year crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-06-21 -
2022-08-30
2 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-03 -
2023-03-07
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-07 -
2022-11-30
6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-21 -
2023-04-20
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.360yield.com
Amazon
2022-06-28 -
2023-07-27
a year crt.sh
*.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-29 -
2022-08-29
a year crt.sh
*.e-planning.net
R3
2022-05-17 -
2022-08-15
3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-15 -
2023-01-15
a year crt.sh

This page contains 90 frames:

Primary Page: https://subject.com.ua/
Frame ID: 4EE0F70448CDAB4A84A96843EF90E8CD
Requests: 211 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 22024A54C117B649FC95AEA4D43D8CEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1656988765&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765214&bpp=2&bdt=342&idt=134&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1085221559156&frm=20&pv=2&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151
Frame ID: D8D606682265942DED085866740E9023
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Frame ID: 6699E55561B318683E83706C9FE474B9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 97888DA839D229E2E2391ADD3D3AB567
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGPXrsskBMAE&v=APEucNVCPf5Cjwh3mS_qn4KXfd3uIhRMeXVfVXDOKB3oP3fg6Nnui5Hno3DSFM-h5SAb_BcvVeT0ub-2Hgt7F17Ot8WjHBnfxA
Frame ID: 5687EC8D74F884B47FAB3399BA39C9C5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFNun5lrxzkOEiZsdQBTAU9iL0JMPVTKVrZ3MUazTq6SwSFfG3IVNEtuXmy1N5notZRhAtEYQkyHeYQssHQBOAnz_ddwS5Mn88KI0ul9bKouPMsBXU-0KGVGK9DNtHi4LOQvplPE9eK9NIyN6RafILRIUpNw&cry=1&dbm_d=AKAmf-AfoGGTdQDIbfhLcyu53RV-wbdNcXOM66JZ5kWUH2vppalTiHrca6ZiWFCbqOqR3VGnt3AToKnxW2vQH9DU3t1mguPj8cp8VDmdtHWCVVyjKYd5Nksf4_6J0sc3fpGIyUVMXXZqe3CPf31gJdo4XriEtUTldR8Ig3POb9A8KlqmTu4kZ6E85g5b2bjcBrMl1KyAZWz2a55HrA9Yrd3bj_EujayHXflEGpr7s8y5FsUkNJyr_za02rBu-P-bzdsaUujC8AXjHw4_NoOXyrx_SlrVWYJVJMW8aaC71HrJ6Gu6C5Ww7x0IuJiLWruGQ1LrNv8K5rrC8SYvL9eXcXPrUAN38Vh3kT1HH8O0AAtI88HEmODcsDvaTafERkSUuDhVRp8RT1M1GIgoURN9NNgTU5oCaYPStbFRCG61I4iqrzVYWFNKk2R0AmuP7FGir5jIdRqRKqWFfw3JVxL9lBF0dxnCHBn85S8cxih3JmKqZnHMzXHH3MXOO3oE4rSXfBDviU4-5irX9AcQFUZ136rN072sxgEBjNTLz9qnhAHzh98joIZTlg9EmJ6uO7Qrfazayd3QiltX2Jf-7SnSBrFWZhOkp3wLJ8b9Sogb7nWro40i0yK1O092ucCkBdlaj4-wwHvpZFrw8oCil9jAaovoLtrUY7CQHdOsGOZpJNke0WpXjnpzOZMKP651TalTcFN1fOSjuNinfZ5C6wk5lSzYck73pQrDoLnACN7vFVAifbKWtazWjPSkcIxs0YxKZqAmMx1QZiyiKSVZspi6mogS2I3IqBdpxAZhjz5EX1nl_IpzIn68sD3NmOOYZRQwruSev5sBzSH4WXn3TZe4qwlPJzMWHQ0K6cQY4GIceB9P-9OuAWuqWAqheRTzg3cRms3iNpVcP_a3whqbvr4Phkb_Q17IFN7oDL5mDm63M9yl2LCfFYGswN46rx4ZIrVV9aFi1Gnq5r2Ui2L71QRDJb_mYoHCt_J6sl6KYJjrd9fz4sqmY2QOcb3FCSSlvClFZYSjX7KlYDHjEiZxnOrjJATbefDJiMHfjXYS6EVvJCC67XB0yXM6qXM36CrUNDZomC5MH7gxpnVfeNguCzjLizGqUA9NBaK58aDfQ9W5pu4Te1dHp2_-gdmYU7PBcUXyK8hAG4z-q9tIHYqiEvADhSVjyYLIitnsozs1l8JA16Huv38sqFBihcyThf8NY_JKWHBpbGefutXJ8xRr3gRkDl9qMJsSQJlIRcPeX1PD0_iT0kgCdH0u18AGQcOPpoK3mIAY4Y4kVwnX5QxLBwrSyH0O0WJmWA3dohX4rOY-WE8Wj8HiY816TjpFtuG_hdhw6aEzDupR_Q43mE3LcuEts1DOGHw1MDY1jyBiwzUavN7QY0ntMIaOJK0N3Zhb0Tw8CINlAxGljwWtL-HW7k3xjxBu5R1saNABoG7Vn_10HY72urs6T3mFQWDz_hU5cunK-dUt7p34X6yY7LZmbgBTRwBynJ8ZlHradyNzGpcxI4fqLFhmJLfMsTnuUpmcLL4osiOqEWnWNb3nx93PqS7wJVXynL_Yk8s31ZMEa8NhGggG0rEYVhs5u0pNkjcLw8vfUkEN7OVqqRwwYhBeACBjO5kg92BEBYkrT2xI5U634ydM6ciTOMwKoC19eRei5vN2i3OP9BLLq0_98mF4oZ6XSL3XBUurgWVrFkkMYmXG83H1wSen__MtCMbjwi8r0iwl7Lc1hYFWKEWTAXZHmEY6CTRAFKwZ4pjCXTe2_k4DTMbIPl-B4OhG68AJGnylBsdILZ9W8scGr2LrOp98wvgkq-pVJ_FrhE6Li2-8_zmXvj-oCfOZzXvlOaBwObO02zgFK4BQGU3fW8hSxKvPFmGD5XcYZPF_tMfa1w02KNdhqyUCorTIWeI8mocQVMDTDvETqE_vkMdCgPAdPKLFRjV-ad0yOrOnY7nfYd-ml-UXcvlaDdYInM7cui27zwSAPMfhoczc5O4Q6k2lnt5cLE0OHWUlEfJWztKjR5RvDYdTt35jDf76HRIQ2P4I9B1onrwrdNOGBnK82Nvyc1evLVUP2RADTHHP6dwShBnbpqskKTiHEfQ_vdmd_8-34xZUp991xVCpnWBI1ht3KJ8myNA3JB2I7YF7z1DON6ZVb5KDjbkznLZ7x98Pct_G3bFbZ4h9fKpQaH7ea2eXSz4HpgsfDCRh_m50f7f2cHekygM_36DV3QK43qLIVL_Ol9qEPy_5D7rDyot6D7Cxy12d5pH1XaMeue2F2fgfKsAmBt4x2ZptjndSroPmfYlLhJpd7YuMBAoqlkQEFy2OO-OOksUQDfDLyjoVyx2oxOC4ibLpRbx4IefqMOfXgTrM2QbWBKa8EqYGFO_fgoLvfX-xFOpfJIQYNn4CMoe2aoo5R39mpOSmT9scS97zL7p9ydvwdmWfEPS67E4UQNzDPCGwhz8EfLFA_LMH5AlNZb0oAwvyv3swkvNjBgQeyB6q3Y1s1wyRI-EPEF0TmZHd0wvpmRym9j-j07AY-iSLxE5fd0Y_rGcvDL0O1zuryRnwkJxaGkXV1ux5QtkilBpi1cILrmDFvpLPmcsDglfL5SGpEb0L5ZbMZNFLLQFlNRz9e6c7cCbCerSn0dA6UxENGxfDwoLyyYcvkOS6YtESW5yTJkL--NsMUy46HgMRmMqsZ6klUhiMbMQmfkPyow6vyykc8UKnSL5GdKU3D6mE7syUTx-b3E649iCjvoofPCtdbmpHaEI8lrecfSnAFBJNXDje2xz-SQ2kaveq_2sVxdzb6kK7W13v8gwoAshk8bLpSgSAshhZWX4qTfH2BTv0poV9i20w3VbW8RK8oUcqPJAQoToZMiqeA8kKSCrxjCJGajXng4f3SHKYO4v-AYgIRFtDKl-w3g50B69orLXwgBUNcvisFVZGHteKXgPRmykvQAoJIMZvDbNDqZDMNXqTuekVyH07LuapzM4EiX5omfmaDaTNpo-XVfpO0FxGZjLNdOrLbLukXK2Ywo3TyEZZaB7xALugDLqhi32khbEBT9U9okv9VsgoinpwlpJNRU0xhhdQTSBCYKeTaajPrXn9YzEKlsy_l1Pyp8s2f5njBLvur9yl877qYqlEsEbFdtcn01x2994AAQuKJFfSeeBSB0B9b9kqOP_PACzY7pBVliuqCMpKePgnHnv2V-cJUG80KjUyOyaFla8WZvPOh0oPjCfBEIMmftN2Jq61GLh5S9lmLnupJC2pjS2S3wNIVJG-CW0xZwasETK67L9qFR9_nRecLrMS_LYHAMeh_EHahIjnu3Pa5QWuncGqLEinfscBNDpqLgE9iyu5KvMToONS5VO5Jaa1CQnJPq6HoR3fHH2QcEK3Kgplyy7oJrMF5CwQMRsiI49xV4gQzEDaoL8AV7ZYQ6hKr0bzCg1MdnoLsh7gk0PWjAztBVGB2GdFUscPJqle7vyWbcslHbbmB4rKRZIp_Ck4Zq4JtCE-c4Z_EoB3HgXR9Z70elWknw9FnpusHHBPgQ6VSjBVwRPwrBwrSCcexd9PEkIcArb6sAU8AvorBQ0H4PnGbO09xK4uumVUzkbVjvTdn_fCV6C3zt3UA9pP8NfscpRORmBNnUWHBq6lZ5Qk-9VzN485hJYPzHk&cid=CAASBORo1jM&rfl=2%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Frame ID: 7EDE59A58BE6F0FA820890D964981D4A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: E2B4D24B0998E5BE73E64D3DDFE0FABA
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 30A9784418AC32B2C064C20C3C3BDA4D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Frame ID: 013C51AF1C68B0FB8621CAE5E6A0272B
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E1D4FA38C24128D4E870E43E3EEBA5A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: 57F56DA49E625527657458F4259C0EDE
Requests: 1 HTTP requests in this frame

Frame: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C95DFBAFE2CBF5103B8318199B40CD8
Requests: 1 HTTP requests in this frame

Frame: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BB599FB9A5C5F207E2C249DA344904CE
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQvNLfAhj39cO7ATAB&v=APEucNWBrlJhMh08vLaO9igxB1YoesnShOm73jPokpWRb-6HCjRwK5ZVGjYCWwAj2UdibeO54kjwz1voQiX7knqjNGpd6YnizahCZy9-aUP4N8srTmX3R5c
Frame ID: 66B8E24DCC1047F29AB716F9106F734C
Requests: 5 HTTP requests in this frame

Frame: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7755BD797318AB97B6E9F8BBA1CB3F49
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Frame ID: 93D116D2815A90494770BC17535B2F1A
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AC0CA90197800273C217F322ABC28DF2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F77908593A4733B54261AAB968E1192
Requests: 9 HTTP requests in this frame

Frame: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 33174E9716EDB912385DC489F4945B3B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 16675A5BDE2D8A464F2D8F0D32A195CA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWG2AEQwO_UAhiCmZbOATAB&v=APEucNUF5yHdinfmW6lOHLBIuCXC982M7RMKNV7iMJJpZzcAUFhMjBbFffc889i4kkKjOyPj-bAptNCcOUnBW2s1zeYtayoPEmAQASg9L7Wj6rP_x9GDS1E
Frame ID: 0E0C339C0EC12D0648E8236459C0EA7E
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
Frame ID: 3A4C915D33ACCD4BC214EB3AF4AE18B0
Requests: 8 HTTP requests in this frame

Frame: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 71400D8DDC101F0AD55AC8997359DA11
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNUDfUP8vNOn35ZjDGGcrpBw8lREQNOaCMrOQvBrik4TV4UqFY9G3MZnFqL3IuGqeSVBpEYd5gAG72En6G-pbzuGR8nXjTr3FRdRLuw5ISP_5QHvI5k
Frame ID: 084EC57EA275C70E6CCB791E066539AD
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1DEAB03F216E862A7822292AE36B41C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9352D315EE1D6AE7891C5246636FF722
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
Frame ID: FE71F4C011C6BFA3CB5D5AF5CE16CD48
Requests: 16 HTTP requests in this frame

Frame: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 97E63E7E2FAB533FCD40C9D08FB3DD0F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 476A256B2CD30B6D876492DC08FF0CD2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Frame ID: 4A9736675990D29EC8AFE6512D9FB715
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQzaudARiP0aTIATAB&v=APEucNXr82p9HD-rqPoyi6uiOj88A0gJwJXpR95cbSg8ICieNZxi7uQPsoArJ8cIRsRwg7DKSt3fmmG_yKcTBtv1Q3OVRyLAi_nH9lQ8BJw8jNRiApxj61I
Frame ID: E961F9DC8782E6051F2ECE01DFB5F623
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5F5C33F5F92A021F04F69C273C3EA37
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 988E5DBBCB4ABCC5B160031F4FD39520
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: 5D6195139B399409638D18E6C0D60252
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F869C670B42195C4C99FDED27158CFEE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6B2BB319AEA59CCC630CB67C18BC84A1
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: DD55F0968F97C975FC20C578F4442FBF
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 66AC78593FBEF14E4C80D2EFD10D0BA7
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: FDBAFA60C8508457E3213DEF2699D1FE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 9359C01D1BC583F69AA88365F95D406C
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 648D780D5FD48784D14D14A6AF835B78
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: E4C496B24448947321B78E9DCEF97FB9
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 384519CE24DB332AE52CEBA257307F3D
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1656988765783&gdpr=0
Frame ID: 54559796CD724B15F83BA8520D76DBD7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 8607AB913BC7EA9D5112B797D911B55E
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 7BD7E4507FF98F6F05200406C5EA4856
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1656988765783&gdpr=0
Frame ID: 2BEC2F0D104A292633B8FA80458D19AE
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: A4AE5878E8BD80B8E44C6B8978F01F95
Requests: 10 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 214AD0B9106A54172E5EEE40CAD31AB2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1656988765782&gdpr=0
Frame ID: C2283AA3D0AA69722108128C9EB071AF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 9715301C10ECC0248CAA1A50E67E349A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: A767A70DF49E69C083944DEF0CE7C922
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AF8AED6D3071FF3FB9E56C5B7437187D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EF859862C394E305DFB68BF9B7E5DDE0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0C1E3F42FB6810AC4A4C43AC1C9EBA66
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 3BA60B844FEE3BCFA964F37A727D0EB8
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BFCD114BAF740333CC1367E6D1AA197A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D6F7C501FAE647EB2FB9B48867CC3756
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 88341C8F74A38472EB534700F1035CD5
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 92BA22FAE65A1B33B3FA8DCC96C37C3C
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 724937FF455337C56A94BE0DD9A4E1AA
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 0B644ED29B94E21FDD432743E811479E
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 2F64B4DB0F4CB5169B5175D4DC828974
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: F181C03E81D34CABD233584114413612
Requests: 2 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 901FE13CD74DCDC836AED0C3837960FF
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: F7E6424C2B2F88B24E6654365C518988
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 83ACA592EF5B500264AB1563E977DA99
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 574338ADB406D1F299C05B7A7F3D983E
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6EA475870AD6ABB33336155A51AC7FA6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6AFC9DAE082C9B8B3BF8FF6471B52E7A
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: B361CE151068C202CDC2755FD8351ED4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 82D493845C85F45FD79F48932CB16BA0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A7EB0D1ABDBFBD0785F0FDD7BC1FADC7
Requests: 2 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 6528C5906F3C5F57B1B3DF86EC73E28A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: D64957A21968F4A4141E86D9C18AACDF
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: EAB147710F83FC49F54CA61FEAF00539
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 25B81DD8268AFCB381AAB7646719D08B
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 52871B9B087F75D7FF505B8C72982C43
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E5138CF88A76864D88A71CB83749B0F8
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 69AD8DABBCAE0488262F7A3B40233DA7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 49743ACE833672738D70FB227E693981
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C3ABAC74A21C427498189A96C15F8547
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 46179CB0C40D1FA361BBB4F10FA8A46C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 4828D669154DC08B1BF97FEF7E968CC0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8D3F56CA37E5EDE92D206CF0C3BDD510
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1CC3B4D97EB5888DFF949D1809432486
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subject.com.ua&gdpr=0&gdpr_consent=
Frame ID: 28BD8A0A4F2DEAA547261E1570E8BA6A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 81E961F51528FF63B6589824020B6C3C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7AB6293105F869C43286C33E2B01B50
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Всі предмети - Великий довідник школярашукати

Page URL History Show full URLs

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

649
Requests

84 %
HTTPS

36 %
IPv6

98
Domains

149
Subdomains

103
IPs

16
Countries

11716 kB
Transfer

21696 kB
Size

109
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFFEbvIABBYhyfudPRLIKg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFFEbvIABBYhyfudPRLIKg&google_cver=1&C=1
Request Chain 106
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsOkXqZha.1iGFYS-EfDlAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&google_hm=2
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENeyqbUyQhRqGsNvDOCa5Aw&google_cver=1
Request Chain 108
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
Request Chain 153
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0
Request Chain 208
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsOkXqZha.1iGFYS-EfDlAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0&google_hm=2
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEM9SQn_PRtzvJte6QGedQlk&google_cver=1
Request Chain 210
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
Request Chain 228
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFF6gxhJbD4LLWx3ddvVLdM&google_cver=1&google_push=ARnp8GB4w8JrCTDjpInIcrqjTuiQs98uq7AnbnJ_0QmxTlL8_txbS_Bl0b6hgzUsZvRwZUJHs0a33z9gOKubWbDkGmyAVLp_J8KO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GB4w8JrCTDjpInIcrqjTuiQs98uq7AnbnJ_0QmxTlL8_txbS_Bl0b6hgzUsZvRwZUJHs0a33z9gOKubWbDkGmyAVLp_J8KO
Request Chain 229
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEDKxe7Ktv0g8kmDCelPuhn4&google_cver=1&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEDKxe7Ktv0g8kmDCelPuhn4&google_cver=1&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD&google_hm=wgy_yjbgb6oAAikABlGBzDoXdA%3D%3D
Request Chain 230
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBOYgpz_aOCXMu3nhBXShqE&google_cver=1&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvxXP8NUOIa40A2zFsomc3AdsCAw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBOYgpz_aOCXMu3nhBXShqE&google_cver=1&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvxXP8NUOIa40A2zFsomc3AdsCAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE3NTU5NDUwNDczNTE0MzY2OA&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvxXP8NUOIa40A2zFsomc3AdsCAw
Request Chain 231
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHuVAd-txBxxD8cZ1cf7IDA&google_cver=1&google_push=ARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1656988767648 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a6bdf7a2-c449-48bd-9f80-00a06f62024e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi%26google_hm%3DA6a996LESUi9n4AAoG9iAk4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi&google_hm=A6a996LESUi9n4AAoG9iAk4
Request Chain 233
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENSZwH6KMuvqx_ptXqThVvg&google_cver=1&google_push=ARnp8GBkW5-cj214IVwly3oGsgnyhAnzS7OsN8EpdTYR7iZuSgVWIoGf4xzo7bJfZkQ6u8lP8ZBXoS1ddY4f7fRSn-zKVNwoovAzsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBkW5-cj214IVwly3oGsgnyhAnzS7OsN8EpdTYR7iZuSgVWIoGf4xzo7bJfZkQ6u8lP8ZBXoS1ddY4f7fRSn-zKVNwoovAzsQ&google_hm=Mzc5ODYzMzc4MjMxMzEwNDIy
Request Chain 234
  • https://ads.avads.net/sync/ggl?google_gid=CAESEJ6S8GWnm_4hcajRVqo43Is&google_cver=1&google_push=ARnp8GCuMjzB1mHrqlyryZdvUG_Q2u5GngL24Iu6ceVq2ufpvcvcBV8V_P4DckWRAZ88LzJ0_lrVAQr6nOTxCRsHDxFRhi47QPGRsg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGU2MmNiNzYtNWFlNy00MWU1LWI1NjAtMjhhM2FlYjNiY2Vl&google_push=ARnp8GCuMjzB1mHrqlyryZdvUG_Q2u5GngL24Iu6ceVq2ufpvcvcBV8V_P4DckWRAZ88LzJ0_lrVAQr6nOTxCRsHDxFRhi47QPGRsg
Request Chain 246
  • https://um.simpli.fi/gp_match?google_gid=CAESEJ-kUWxAboKZ79eXr6swPxs&google_cver=1&google_push=ARnp8GDnAwYl8vhbHQt9WVxZuOAftAP_1tcuwFpW0F2OigO_N368EmWpAkpd-A6JIsM99-jS2ytfYlfuDG85dwNXbO97rSXGKQDI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=767E77954A84485088CA923552782A67&google_push=ARnp8GDnAwYl8vhbHQt9WVxZuOAftAP_1tcuwFpW0F2OigO_N368EmWpAkpd-A6JIsM99-jS2ytfYlfuDG85dwNXbO97rSXGKQDI
Request Chain 247
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEICo2txcifTcOz7Bd5FBFqU&google_cver=1&google_push=ARnp8GD4JLUUEy0bKgs-usrFl_La9yLiK2SZkGYdPK28VJVlPgPXZcSBQkDWExzTG85qAXBIbVAHW99PFV40tkpmefz6Cv7lA7s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GD4JLUUEy0bKgs-usrFl_La9yLiK2SZkGYdPK28VJVlPgPXZcSBQkDWExzTG85qAXBIbVAHW99PFV40tkpmefz6Cv7lA7s
Request Chain 248
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELhFA03yj6ZxIpHEAdha_vM&google_cver=1&google_push=ARnp8GA9LqpS3rz3pGh-sXWyaqD2AQjSVVd1enY842YZV9XCi61LRaNhoVYFwbHuHnXXasFsN1OKOo2N5IqOqsfHe_Yd1OlD5_dM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA9LqpS3rz3pGh-sXWyaqD2AQjSVVd1enY842YZV9XCi61LRaNhoVYFwbHuHnXXasFsN1OKOo2N5IqOqsfHe_Yd1OlD5_dM&google_hm=KiRSW_vlT2-0tAHnKdGixWY
Request Chain 250
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJB1gte3IFI-pCzOlOK80dw&google_cver=1&google_push=ARnp8GDpwCLHtZVXoF3eMkiFZE9tbk57tLRrJc5RYQTWJhtr7cDoaf0Yc3JkYTuS-Grj1Et6Zh4mmYkpapH9w3au1VWsNouNF1Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDpwCLHtZVXoF3eMkiFZE9tbk57tLRrJc5RYQTWJhtr7cDoaf0Yc3JkYTuS-Grj1Et6Zh4mmYkpapH9w3au1VWsNouNF1Y
Request Chain 252
  • https://cs.media.net/cksync?type=g&google_gid=CAESEPZN2d0hqenv2gaM9x2zdBI&google_cver=1&google_push=ARnp8GARzSF5jpcQ3yO3Tb_4i3N0UvFGBSik4Sg-F_GR5e_S2f6uemunnj6o8_l1dx9EaGp_wLUm-I-_vTe1IUG7SHUocLKQq7Cc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&mn_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ARnp8GARzSF5jpcQ3yO3Tb_4i3N0UvFGBSik4Sg-F_GR5e_S2f6uemunnj6o8_l1dx9EaGp_wLUm-I-_vTe1IUG7SHUocLKQq7Cc&gdpr=&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMV37H1iaEPgfdli_D_B4r0&google_cver=1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMV37H1iaEPgfdli_D_B4r0&google_cver=1&gdpr=0
Request Chain 281
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE5NDMxOTItOTVlMi0yNDRlLWZjNGItM2QxOTc0MmM4NjJk
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIX0yEjKXHvRRPx3KWso89U&google_cver=1&gdpr=0
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEJ9ma6h-eYX7BH_i0cDIP6Y&google_cver=1&gdpr=0
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGIhIjLaT-DxXGgpvuhU88w&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGIhIjLaT-DxXGgpvuhU88w&google_cver=1&__user_check__=1&sync_id=b0c7f50b-fc0b-11ec-9505-1fd522ee0206
Request Chain 310
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=b0c0a491-fc0b-11ec-b384-155da6fd0206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjBjMGE0NDQtZmMwYi0xMWVjLWIzODQtMTU1ZGE2ZmQwMjA2
Request Chain 321
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDlrHDeGNhXmL8ubdH_lesY&google_cver=1&google_push=ARnp8GCz5tG1Xab95RnYU6vpf5YGUrBAeznhu0lYY_xgyKb0s0AUZl6mQhMm9H_GN9iYv5nNmWbAMkK3g0ZCkW1VyuQ-p39xvpc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxNjI2Mjk4NjMwNDgxNzQ3NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDlrHDeGNhXmL8ubdH_lesY&google_cver=1
Request Chain 322
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBO1qa6h7Bxqn5WMycSXsvE&google_cver=1&google_push=ARnp8GDAfEV5UzDgaI370b3TZ8ZweVcge8m7vNhxWaCboW8m9nqD9oM4tQz_gP9l4rnUxWtohHf7pMIU7v9bjDCOXWqSrP3qnaIn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBO1qa6h7Bxqn5WMycSXsvE&google_push=ARnp8GDAfEV5UzDgaI370b3TZ8ZweVcge8m7vNhxWaCboW8m9nqD9oM4tQz_gP9l4rnUxWtohHf7pMIU7v9bjDCOXWqSrP3qnaIn
Request Chain 324
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOsI8qeUdPb0dLQAVi_De_8&google_cver=1&google_push=ARnp8GDYEpPBtqqYe_34-RHIP92yXcRnyy7DHXrjY-dxwUswb9vqYaQurUCiQJMmYRxXw7OJ9f9JzAK_XNYL5f2VxIoFOTxseSlx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDYEpPBtqqYe_34-RHIP92yXcRnyy7DHXrjY-dxwUswb9vqYaQurUCiQJMmYRxXw7OJ9f9JzAK_XNYL5f2VxIoFOTxseSlx&google_hm=OTMzNjE2MDE4OTk4NjE5NzYx
Request Chain 325
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMPlPzobs7VBONxzMkiryuo&google_cver=1&google_push=ARnp8GBC1UsGmmJBHxYLe5NVf85tvFM6neWiT_617YDLdRMPUMIJMnMJX_mK8PjzPipz3ZkiqwHm-k1xODaACe0C-hhU-lyJnGM HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMPlPzobs7VBONxzMkiryuo&google_cver=1&google_push=ARnp8GBC1UsGmmJBHxYLe5NVf85tvFM6neWiT_617YDLdRMPUMIJMnMJX_mK8PjzPipz3ZkiqwHm-k1xODaACe0C-hhU-lyJnGM&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sws9o6aUT3ivtiswqNX3rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBC1UsGmmJBHxYLe5NVf85tvFM6neWiT_617YDLdRMPUMIJMnMJX_mK8PjzPipz3ZkiqwHm-k1xODaACe0C-hhU-lyJnGM
Request Chain 364
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1xRVJ6LnBWRTJ1SGpWVlQ5OXFfOFg2M1Fsa2Y0ZjRKM35B&gdpr=0&gdpr_consent=
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELrGLHOpWGZzQv8UeN_Ms7o&google_cver=1&gdpr=0
Request Chain 366
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YWVmYTM4YjUxMTU2ZjJkY2M3MmUwMWI3Yzc2ZGJkNA==&gdpr=0&gdpr_consent=
Request Chain 367
  • https://gcdn.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2FECBD3D70E976E8928AB8204331DFDBCAAA1B28.44FBAF06674D610A375B2E90F7024E78011FAF09/key/ck2/file/file.webm?cpn=CJEGnZZ50Uw6gsTB HTTP 302
  • https://r5---sn-aigl6n7z.c.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4AF68655622CFBD6EE71DC7E0F59F5518E6F0D9D.28DD7AF2FD1ED1BDAA0F05A62BA328F7A3C95ACC/key/cms1/cms_redirect/yes/mh/RR/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigl6n7z/ms/onc/mt/1656987561/mv/u/mvi/5/pl/48?cpn=CJEGnZZ50Uw6gsTB&file=file.webm
Request Chain 376
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOsI8qeUdPb0dLQAVi_De_8&google_cver=1&google_push=ARnp8GCJR36Kp5LwnB5nxrlTKgazvExxxzAVHGCik3-WzSLbBv_UExu14cPQu9ccvV32U9oao4k-_rpIVRArzp3HV0SbO_CnK_y9IA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCJR36Kp5LwnB5nxrlTKgazvExxxzAVHGCik3-WzSLbBv_UExu14cPQu9ccvV32U9oao4k-_rpIVRArzp3HV0SbO_CnK_y9IA&google_hm=NzcwNzQxMTM4MjQxMjMwODU1NQ%3D%3D
Request Chain 377
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELrZtr0YB5UWIe9bqNBLhIw&google_cver=1&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOvMBrJVJ_Sw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELrZtr0YB5UWIe9bqNBLhIw&google_cver=1&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOvMBrJVJ_Sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOvMBrJVJ_Sw
Request Chain 378
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBzn5KSStn88XUi8jWy3zCs&google_cver=1&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJMb3vQZsP22CCTQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBzn5KSStn88XUi8jWy3zCs&google_cver=1&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJMb3vQZsP22CCTQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJMb3vQZsP22CCTQ&google_hm=E7CfqGZHanM4f790Thm9zbEH
Request Chain 379
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIG_6j6cE2BNG-ZmP6u23zw&google_cver=1&google_push=ARnp8GDBNzRZnMTqr3hYCGkBE8ukxqzSWmBUIfXtCHl_RLmL0nBUETqi-w4RSKMJPmGCh2bBBspNOGSdZokLQXMNoch89XEruOsP0Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDBNzRZnMTqr3hYCGkBE8ukxqzSWmBUIfXtCHl_RLmL0nBUETqi-w4RSKMJPmGCh2bBBspNOGSdZokLQXMNoch89XEruOsP0Q
Request Chain 380
  • https://match.360yield.com/match/ebda?google_gid=CAESEEorfVaZ3pxUrlCVnlG6Bt8&google_cver=1&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrxU1O4Ghe6ktk-8iw HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEorfVaZ3pxUrlCVnlG6Bt8&google_cver=1&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrxU1O4Ghe6ktk-8iw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cun3XEjIRfKZA8GnWb8a7A&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrxU1O4Ghe6ktk-8iw
Request Chain 394
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBFpuLTFe84pFu8u14058yg&google_cver=1&google_push=ARnp8GCtCyvpdu1rqdobou7uL6FGhjE8GAbKNKg5SwQdcWHpM4Hp72xqw0HAhgb3oVh2ljt4cpujt6DbSIb8zTOBKMimHBeUBSzrMQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfWOOuzxRuuQceXhiI-T6g2&google_push=ARnp8GCtCyvpdu1rqdobou7uL6FGhjE8GAbKNKg5SwQdcWHpM4Hp72xqw0HAhgb3oVh2ljt4cpujt6DbSIb8zTOBKMimHBeUBSzrMQ
Request Chain 395
  • https://a.c.appier.net/gcm?google_gid=CAESEMRLDO8FkLZevjw5d-SFx-I&google_cver=1&google_push=ARnp8GBLtlNu5LX75ZS3j0p1BlhhsxFLwKsZXOHPr4Pg_NmEsmlEAHz-3S402TS0gsU4_mAPgHTRO2N95wjONk8pfg18lSoxidAFmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NzlSWDl6bnpCTFNTSDJSZ1lhVERZZw%3D%3D&google_push=ARnp8GBLtlNu5LX75ZS3j0p1BlhhsxFLwKsZXOHPr4Pg_NmEsmlEAHz-3S402TS0gsU4_mAPgHTRO2N95wjONk8pfg18lSoxidAFmg
Request Chain 396
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJ7mV9u-McCKm0RbHI4XHQw&google_cver=1&google_push=ARnp8GDqGCG7tLsYET6C8W5r5HWcTixwbD6PBY_9LYLYdaJn9uktvKvur39twVTA6l_WmWHQU6nPA4R8DlpCHAezIMTcvEULLoS9hg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GDqGCG7tLsYET6C8W5r5HWcTixwbD6PBY_9LYLYdaJn9uktvKvur39twVTA6l_WmWHQU6nPA4R8DlpCHAezIMTcvEULLoS9hg&google_hm=QWpZYTV2Q2FHN0RJYVNPM2hmYWlPVXc=
Request Chain 398
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMPlPzobs7VBONxzMkiryuo&google_cver=1&google_push=ARnp8GC5LvQJoYa9gRWTV-bLAAGF4k_TwP0y6mN7FDfUjaelkfsj9LjWZ7LObCGHR3XsW9OltmPbXjLr7r_Sh4TeJR6P7hkeI_b2cA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMPlPzobs7VBONxzMkiryuo&google_cver=1&google_push=ARnp8GC5LvQJoYa9gRWTV-bLAAGF4k_TwP0y6mN7FDfUjaelkfsj9LjWZ7LObCGHR3XsW9OltmPbXjLr7r_Sh4TeJR6P7hkeI_b2cA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ct0ULQ62RsOkcvmY5EKolg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GC5LvQJoYa9gRWTV-bLAAGF4k_TwP0y6mN7FDfUjaelkfsj9LjWZ7LObCGHR3XsW9OltmPbXjLr7r_Sh4TeJR6P7hkeI_b2cA
Request Chain 406
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Y2LiJ3xyek5JeVVEQW44RHNBMEpVQkU0cjFlek5nZ1Vxb3poNE1ONFFySHJVaVJVNG5YS2k1d3E0ckEzYUlrR3cvUUEzYkdRWVdmQTh4RjhVbG5ZSjhCczNvR1ZiaGxPcWdQcmVnbnFGRXhJem4vZ2J4NjgvTGs2a2xsVy9XSjFEV3R4OEtpM1dGZzAybUJhYUNCcDJ0aTRTTzBmSWY3OHBXeGxwMlQyRjJUbU1RV0VDVFhnSlZLL2RUQjhDZVNTcjVXU2FaUGlJclNPUFcrTG91aDA4UmdtM3BnZENnbmpvM0MrL0V5Ums0aEd0SnowPXw&cppv=2
Request Chain 442
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Request Chain 443
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Request Chain 445
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=8ae455a9-7229-9123-9685-1ee443575a19
Request Chain 447
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 448
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Request Chain 449
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Request Chain 450
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Request Chain 451
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Request Chain 452
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Request Chain 453
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Request Chain 454
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Request Chain 455
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Request Chain 457
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=74b5bf86-f463-d9ae-b057-9b012047cddd
Request Chain 459
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 460
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Request Chain 461
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Request Chain 463
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Request Chain 464
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a0cab781-2034-0b67-5e6c-543e7a6995f6
Request Chain 465
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 466
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Request Chain 468
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Request Chain 506
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 507
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Request Chain 508
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Request Chain 509
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Request Chain 510
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Request Chain 511
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Request Chain 513
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ac7b08a9-d8be-ca37-d3c4-e3dcfe74077d
Request Chain 514
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Request Chain 515
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Request Chain 516
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Request Chain 517
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Request Chain 519
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=acf4a7d1-51ed-55e7-5500-13b1b78440e1
Request Chain 521
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 522
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Request Chain 545
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&dcc=t
Request Chain 547
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Oh6Nc20Y2HEhGot3OkjDdjpPjHYhFI0hPB75AN9d
Request Chain 550
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 554
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
Request Chain 556
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgMfoYFY1O8ytj5&gdpr=1
Request Chain 557
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_62c3a4616db6c&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62c3a4616db6c
Request Chain 558
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39567b3a-3773-41f7-a3df-e2910aa4bad6
Request Chain 563
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
Request Chain 564
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8a4d62c3-a461-4100-b6b6-af8ebc141780&gdpr=1&gdpr_consent=
Request Chain 565
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 568
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 574
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657075169&gdpr=1
Request Chain 577
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=379863378231310422
Request Chain 584
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c1ab46f5-8b41-49fc-a20f-b08024d255b2&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 585
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1672886369&external_user_id=a6bc78d5-d5e4-44cf-a11a-9f084b42a84e
Request Chain 588
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 589
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YsOkXqZha.1iGFYS-EfDlAAA&gdpr=1 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YsOkXqZha.1iGFYS-EfDlAAA&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662295846784134
Request Chain 612
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=subject.com.ua&sn=ChromeSyncframe&so=3&topUrl=subject.com.ua&bundle=Cf_1EF9HdUJzZUFadmVEdTA1cEd5V2poaGxuVnA0bEZhVVRKZVNibFJHQkhzS3I5JTJCdzN3aXBIVHNQeEtXcEUwdnJkJTJGUUFNa0NSQkM0JTJCR09tSDVCOWs5c3F5dWlvdE1KZzJvSm1MQXp5U0pXUnNxMEVWVHIxalVQYjdyRGNDczF2Q1dqdA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jHd-rnx1Z2RjUjRIMXljRjF6cHcvSDg3bDhpWDBuSENTbnU4TnZDZFNhdUpFbk52Y2dCUUhOL0F6SVhHUm9PcjR6aEt3a3dYUHhONUt3R2RpVFBYZlNNR29wR3dqT3d2TDNDUlB2Q3AzejMyYVpJZWFDVTRINmUya1ArV3pxcTdMK21CaHRyQVhaMTRWbHFuOXduMGtETkdVTlltWTQ2MnNxTjErckVjMjJTVEhWcUhZVy9aK2Erb0w3L3V4MnVlRGZESGZkdmhBMk03WktENXptNDB5aGlKeTVHSDkzYUV1TFgySmE0M0FmeW5GNmxPMENoQkNJNlJYTnlPWTArUFI1WSthckx3OTQ5ZUpXd0dzMituL2dTa1EzVTY4MktiRFdnMW10eE8rbVQ3KzhzMD18&cppv=2

649 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
subject.com.ua/
Redirect Chain
  • http://subject.com.ua/
  • https://subject.com.ua/
11 KB
4 KB
Document
General
Full URL
https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
3ed193be1d15265678137ca886ffb7bdc7d963232001bf1886e8dace9b3c3b03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, s-maxage=10
Connection
close
Content-Encoding
gzip
Content-Length
4181
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Jul 2022 02:32:11 GMT
Server
Apache
Vary
Accept-Encoding
X-Mod-Pagespeed
1.13.35.2-0

Redirect headers

Connection
close
Content-Length
231
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 05 Jul 2022 02:32:10 GMT
Location
https://subject.com.ua/
Server
Apache
style.min.css
subject.com.ua/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://subject.com.ua/css/style.min.css
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:32:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Nov 2021 09:42:02 GMT
Server
Apache
ETag
"15dc-5d1c205107e0e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
close
Accept-Ranges
bytes
Content-Length
1430
97672d69-12a2-43ea-9222-362234514ff0.min.js
cmp.optad360.io/items/
258 KB
73 KB
Script
General
Full URL
https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
last-modified
Fri, 15 Jan 2021 12:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"c7b5c09d2b1684bb417714719df59bd9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
VVYQCov-OGcq4pB_MozAgPgIUXBHUtu1FRbN7ZfiZMbp2YCZ1kMhFw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
161 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4adc34e943aed7192fdbf71e93bc7c7e3281d121e86eb3150b77245da45f5a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56380
x-xss-protection
0
server
cafe
etag
14800945702627472923
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Jul 2022 02:39:25 GMT
dev2pub.js
tag.eu.dev2pub.com/
102 KB
102 KB
Script
General
Full URL
https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
a43ae50be81a393bb0611779e3a14c0a7a791e480ef713585de7f10dcbb4bb9b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:25 GMT
Last-Modified
Sat, 02 Jul 2022 06:40:31 GMT
Server
nginx
X-IPLB-Request-ID
05BB1566:E0B6_335B3C26:01BB_62C3A45D_29ED1CEF:111E9
ETag
"62bfe85f-196fd"
X-IPLB-Instance
42214
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
104189
js
www.googletagmanager.com/gtag/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6b295c72920882cdfd361e537554d94add26762b96eb408afee7badaaf17a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40353
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Jul 2022 02:39:25 GMT
cse.js
cse.google.com/
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
18e01eba7742b866de79403a3b3f762666d0524d16687161ecb1666fbd29e899
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3504
x-xss-protection
0
server
gws
plugin.min.js
get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/
280 KB
59 KB
Script
General
Full URL
https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b441b2a9558e2a5fabec71de00959128e85b1292f2211f84cb30a52a7f3f270

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:30:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
W/"c5f65ac98ef9a838c9489966e549e265"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
xn9vbz0v6mkKjowBok3Rk6ACGyOoplVUYOtJw66PNX4N81Culrjjzw==
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-05T02:35:13+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
Roboto.woff2
subject.com.ua/fonts/
27 KB
28 KB
Font
General
Full URL
https://subject.com.ua/fonts/Roboto.woff2
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/css/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e

Request headers

Referer
https://subject.com.ua/css/style.min.css
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:32:11 GMT
Last-Modified
Wed, 04 Dec 2019 15:02:31 GMT
Server
Apache
ETag
"6d84-598e21a197121"
Content-Type
font/woff2
Cache-Control
s-maxage=10
Connection
close
Accept-Ranges
bytes
Content-Length
28036
vdo.ai.js
a.vdo.ai/core/subject/
26 KB
5 KB
Script
General
Full URL
https://a.vdo.ai/core/subject/vdo.ai.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4c75bc1ec08f6057d423247f6d2fe9f7b76cc5184c6eeefa1b239d22096354

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 varnish-v4
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
vdo-server
Tag2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
10386143 6976966
last-modified
Tue, 05 Jul 2022 01:08:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QX%2Fuu4ZMDSAYXRB3CONSBXJQ9U6iLZ8aaUTjJOnjcuwAcRVFn%2B934%2BLgMp%2FwqGvmPUHUWnqPuRnTZJo08P66QjWnvx1rwvJ%2Ba6ubEPB36sSWn47MLRyd5oOOhf2rADo7ULJ%2FSzJOug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=1800
cf-ray
725cbae5cefd771f-LHR
cse_element__uk.js
www.google.com/cse/static/element/3e1664f444e6eb06/
306 KB
101 KB
Script
General
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__uk.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3921d22e340021189f986befdb097d34a4d1142b3c0a2565ef53f5d0971c1748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 14:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103146
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 01 Jul 2023 14:01:55 GMT
default+uk.css
www.google.com/cse/static/element/3e1664f444e6eb06/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 15:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 03 Jul 2023 15:17:35 GMT
espresso.css
www.google.com/cse/static/style/look/v4/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/espresso.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1538
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 05 Jul 2022 03:24:20 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/
336 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a170822e6eff5c303f730f469bd1fd94ea9789505eab4541b9a1c2e48854fa53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121073
x-xss-protection
0
server
cafe
etag
12230330099223476142
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Jul 2022 02:39:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 2202
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
38215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 16:02:30 GMT
etag
10429905676100781186
expires
Mon, 18 Jul 2022 16:02:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5676
date
Tue, 05 Jul 2022 01:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Jul 2022 03:04:49 GMT
js
www.googletagmanager.com/gtag/
103 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-39
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ab0e6df27ae3fe0f509000e3d73db82fd24ff5ae10155e41e660d6dd3491943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40310
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Jul 2022 02:39:25 GMT
js
www.googletagmanager.com/gtag/
103 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-39&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40eda45fe4c8ac3e02ba22f5a611ea7fd75c356488fc42bfa73d7e333df50af2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40315
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Jul 2022 02:39:25 GMT
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:25 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
vdo.min.js
a.vdo.ai/core/dependencies_hbv4_latest/
409 KB
127 KB
Script
General
Full URL
https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81c6df8730a4d1bb72cf74ed5c5bf440505ad49041e9eabbf943a365be7e9b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
cf-ray
725cbae70886771f-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 07:14:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtIDAKmQoH%2BimkGxMt70Wtrh9yLFWIctG3OYFrWXqpKHnFwj5aMpHOX9UtOSvKD%2F2dCt7ePy0DZQ46H3tyxLG5DaI13XjZlu5BcVLOrEiuQ6cLxv%2B%2Few7UJSSo6gttu2Sao4N%2FViuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
10646498 7270991
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ima3.js
imasdk.googleapis.com/js/sdkloader/
373 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126951
x-xss-protection
0
expires
Tue, 05 Jul 2022 02:39:25 GMT
GetLastCurrenciesRates
api.eu.dev2pub.com/api/public/Dev2Pub/
423 B
690 B
XHR
General
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/GetLastCurrenciesRates
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
156a89db96532096793f7211ea80e871a260de5416be71883362fd6305a434cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Jul 2022 02:39:25 GMT
Server
nginx
X-IPLB-Request-ID
05BB1566:E0EE_335B3C26:01BB_62C3A45D_29F304AE:2D4C4
Content-Length
423
X-IPLB-Instance
43024
Content-Type
application/json; charset=utf-8
cookie.js
partner.googleadservices.com/gampad/
395 B
699 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=subject.com.ua&callback=_gfp_s_&client=ca-pub-2062463022593482&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
22241fdf7e5d74dbba137a54493600ddeea31c80c829e46d7a90342ca8627b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
integrator.js
adservice.google.ae/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ae/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D8D6
96 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1656988765&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765214&bpp=2&bdt=342&idt=134&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1085221559156&frm=20&pv=2&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff5c9d7e49415ffeeeddff81bdfad825451eeef09e1c2c4ee13ea46f16cff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34029
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:25 GMT
expires
Tue, 05 Jul 2022 02:39:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6699
20 KB
9 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dda30ba7e80bbabbcc06f0de349c08c4ba46e1745685e382b0b968cc28f7838e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9268
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:25 GMT
expires
Tue, 05 Jul 2022 02:39:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
fbeeeddcdfdcb5659d9eb9f825c7f2491be4ff8fb18fe098ad93376959170739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28046
x-xss-protection
0
server
sffe
etag
"1264 / 631 of 1000 / last-modified: 1656713159"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Jul 2022 02:39:25 GMT
prebid6.13.0.js
get.optad360.io/sf/
527 KB
528 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid6.13.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 11:26:59 GMT
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 11:37:42 GMT
server
AmazonS3
age
918747
etag
"9880469287264dec1b2db80d6f0c4c98"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
539768
x-amz-cf-id
w0MDF3sZ8iK55EGKkzP4amHyrQnbGRFd9WoGyd5sX_FcKaapHnC25A==
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1152939023&t=event&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=subject&_u=YAjAAUABCAAAAC~&jid=1272787481&gjid=1182205778&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&_r=1&gtm=2ou6t0&z=355206314
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-ads.js
cse.google.com/adsense/search/
140 KB
51 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__uk.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e5645a6fb948eb0f445dd91ebeb9b353938b82c80b5a4778f4406136a8ea18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"13471135256269257698"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:25 GMT
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:04:14 GMT
x-content-type-options
nosniff
age
552911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 28 Jun 2023 17:04:14 GMT
generate_204
www.googleapis.com/
0
178 B
Image
General
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/
0
178 B
Image
General
Full URL
https://clients1.google.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
c.html
cdn.admixer.net/scripts3/46506/ Frame 9788
738 B
511 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Tue, 05 Jul 2022 02:39:25 GMT
etag
W/"62824272-2e2"
expires
Wed, 05 Jul 2023 08:59:53 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-04T08:59:53+00:00
x-id
fr5-up-gc32
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-31T09:05:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 09:05:56 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/
75 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
allowed_url.php
targeting.vdo.ai/
19 KB
2 KB
XHR
General
Full URL
https://targeting.vdo.ai/allowed_url.php?type=json&url=subject.com.ua%2F&tag=subject&domain=subject.com.ua
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2fd2a10dbd3dd732faf98e27d993116bc233e5da8c1032cb93b4238873cf83

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BEBciVaXWTulNeKdx10AIEsqEig%2BcuHBsjn39Hlfa1IvIl%2F2%2FmE6a5MZaiza0u8jK6JbSi%2FLss9eZNG9xwx75EA9tsueXUw9q4k5c8gLBTE5hlf0h%2BPcyTMcnSfhATsnuIRTC4krW6fr76S4P0Z"}],"group":"cf-nel","max_age":604800}
cf-ray
725cbae92d3974a9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=pageview&_s=2&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=1101888697
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 05 Jul 2022 02:39:25 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 05 Jul 2022 02:39:25 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 05 Jul 2022 02:39:25 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 05 Jul 2022 02:39:25 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220705
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac59bf2ef1bcff84c51376f56f9a50de1e13f10525ffa8f2864c30b077e11e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41907
x-jsd-version
1.0.1392
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA, cache-itm18843-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"668-IFvMYUAOsllzUO6ZFQRl0JmnUfg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lR3DR1KprTR05XvsV0ig2cJoN5d3wJ5E82AqnVw3PClEWvk96aqKbkt6Ui8OqL%2B4WWvnqD6YBzxzOjioaUW89xJNpD6eEHUP2iSLwL03DkzQMcevRiofxDbcyvjfv6AXY5g7Wajpw6jEN%2Fx%2BFfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
725cbae98f95887f-LHR
access-control-expose-headers
*
localstore.js
script.4dex.io/
483 B
940 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2381974
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZRQdPFxCL7gICDNoDI9mmoFvUm%2BMpN%2BvPuyq0zXsOgJ9JTaQSwvhbkt5f9t2qYwWpvpFYhm940H51lavFvzppGUmjwmT8wyOo%2FVTE0gHEkhbtOCASEX0OzUv8aRRezsZsDnq5xKLgKT0de7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
725cbae99f9e752d-LHR
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0dccfb1620a4db7c8e5d1e3e09a8cc5a690ab6dd1d72f562a2a51cb2940a02a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:25 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9adb637f-41dc-4b65-9df9-31f18627d88d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
135 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
70
vary
origin, Accept-Encoding
/
ssp.wp.pl/bidder/
0
57 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000684f64da84a64103:399817accbfedf5a:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
v2
i.connectad.io/api/
0
38 B
XHR
General
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
725cbae9bcca7795-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apacdex
useast.quantumdex.io/auction/
0
337 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cf-ray
725cbae9ad9f888b-LHR
openrtb
adx.adform.net/adx/
0
408 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/
0
216 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=16417866189
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
rtb.adxpremium.services/openrtb2/
466 B
790 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
d245e82258fa0cbdc3d1cdd87f32d91f7e0ed0a84da6fe8ab32020efb72f495e

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:26 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
466
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:25 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/
0
0

auction
rtb.adxpremium.services/openrtb2/
465 B
789 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
6662f56724b20e34f24fc6022461d4f2aab396edc20d088da9b4edb0d03f7f4f

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
0
v2
i.connectad.io/api/
0
38 B
XHR
General
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
725cbae9bccb7795-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
apacdex
useast.quantumdex.io/auction/
0
134 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cf-ray
725cbae9ada2888b-LHR
/
ssp.wp.pl/bidder/
0
57 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000009efe8537e47a62e7:2ce9f19736b57b87:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
cdb
bidder.criteo.com/
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=97909974049
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:24 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/
0
407 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/
0
0

c
prebid.a-mo.net/a/
0
134 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:25 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
08636323995f6c36f9b860849371a1430e50e239aef09b456cab19aa79756e57
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:25 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
68542fb0-a0ff-4c6f-a7d2-31fd9b2bafc6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:25 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
ssp.wp.pl/bidder/
0
222 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000000cd5511f3c48bce4:fb3a0b9e38ba0074:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
apacdex
useast.quantumdex.io/auction/
0
134 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cf-ray
725cbae9ada1888b-LHR
v2
i.connectad.io/api/
0
37 B
XHR
General
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
725cbae9bccc7795-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
auction
rtb.adxpremium.services/openrtb2/
465 B
789 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
4bc560334638100408afb5bc01e7fbc38e01e0c517b1bfd543c489d9cbdc8cff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
0
translator
hbopenbid.pubmatic.com/
0
0

c
prebid.a-mo.net/a/
0
158 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
openrtb
adx.adform.net/adx/
0
407 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1fe0d4888178da26fc6a3dc378b284c71ee2d841994f08f6d2da87c562c458a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:25 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ef0f1fe4-d101-4a1d-b1cd-8dce5137c114
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=75806728948
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5925b6ce61e16911c4704a187063891abae9e8096841ac9ca4bb9b5a11c8a217
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:25 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e6da072-6857-41fc-a5d9-3a239336a334
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=99898663570
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:24 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:25 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/
0
407 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v2
i.connectad.io/api/
0
326 B
XHR
General
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
725cbae9bccf7795-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apacdex
useast.quantumdex.io/auction/
0
134 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cf-ray
725cbae9ada0888b-LHR
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ssp.wp.pl/bidder/
0
56 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000007ec3c462121c4d20:da2ff305ec1db31c:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
c
prebid.a-mo.net/a/
0
276 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
0
vary
origin, Accept-Encoding
auction
rtb.adxpremium.services/openrtb2/
465 B
789 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
cb326ea58d9ecbfd533ab216aea0934feeeffc4e46862f152a6f5a5d2a35d974

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
0
translator
hbopenbid.pubmatic.com/
0
0

logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:25 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
vdo.player.js
a.vdo.ai/core/assets/
651 KB
180 KB
Script
General
Full URL
https://a.vdo.ai/core/assets/vdo.player.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
cf-ray
725cbae9c9a9771d-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Jul 2021 13:25:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yANyHGWGzxDBpNMDIp586Vfrh%2FsI9rT2BrEM4Jn605D8V8ky5XQtvAwlgi0nZQ%2BmqI5ui%2FQABEGItMuYvIqZMWGfBYABDp8Ggyn1v1gE%2BONmFoLX0DXJpEhsYP4XnTA4LFNN8%2Bm8gg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
11997945 262155
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
rtb_v6.24.1.js
a.vdo.ai/core/assets/
466 KB
132 KB
Script
General
Full URL
https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddbc9719c72a462df357c3a5209f268d45cd45cc7270c682ebf5724c97cb7364

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
cf-ray
725cbae9d9aa771d-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Jun 2022 14:09:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTQfely3TPkJbiWYP4oF7R1KVnHByFgv3URFlEN75AV3PwrIphB8Oq58CWmSkEa9QOhcvwdoSPknnwQQI4AGav7GzcAjpDjYHxzBEXKbHMJW%2Bz%2F%2BZOe7l864ML53ciEkLRPd%2FAQDmA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
12094116 32771
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=3&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=395946827
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022062701.js
securepubads.g.doubleclick.net/gpt/
373 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 21:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130259
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:39:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jul 2023 21:41:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
368 B
191 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166
x-xss-protection
0
expires
Tue, 05 Jul 2022 02:39:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5687
624 B
300 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGPXrsskBMAE&v=APEucNVCPf5Cjwh3mS_qn4KXfd3uIhRMeXVfVXDOKB3oP3fg6Nnui5Hno3DSFM-h5SAb_BcvVeT0ub-2Hgt7F17Ot8WjHBnfxA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:25 GMT
expires
Tue, 05 Jul 2022 02:39:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7EDE
26 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFNun5lrxzkOEiZsdQBTAU9iL0JMPVTKVrZ3MUazTq6SwSFfG3IVNEtuXmy1N5notZRhAtEYQkyHeYQssHQBOAnz_ddwS5Mn88KI0ul9bKouPMsBXU-0KGVGK9DNtHi4LOQvplPE9eK9NIyN6RafILRIUpNw&cry=1&dbm_d=AKAmf-AfoGGTdQDIbfhLcyu53RV-wbdNcXOM66JZ5kWUH2vppalTiHrca6ZiWFCbqOqR3VGnt3AToKnxW2vQH9DU3t1mguPj8cp8VDmdtHWCVVyjKYd5Nksf4_6J0sc3fpGIyUVMXXZqe3CPf31gJdo4XriEtUTldR8Ig3POb9A8KlqmTu4kZ6E85g5b2bjcBrMl1KyAZWz2a55HrA9Yrd3bj_EujayHXflEGpr7s8y5FsUkNJyr_za02rBu-P-bzdsaUujC8AXjHw4_NoOXyrx_SlrVWYJVJMW8aaC71HrJ6Gu6C5Ww7x0IuJiLWruGQ1LrNv8K5rrC8SYvL9eXcXPrUAN38Vh3kT1HH8O0AAtI88HEmODcsDvaTafERkSUuDhVRp8RT1M1GIgoURN9NNgTU5oCaYPStbFRCG61I4iqrzVYWFNKk2R0AmuP7FGir5jIdRqRKqWFfw3JVxL9lBF0dxnCHBn85S8cxih3JmKqZnHMzXHH3MXOO3oE4rSXfBDviU4-5irX9AcQFUZ136rN072sxgEBjNTLz9qnhAHzh98joIZTlg9EmJ6uO7Qrfazayd3QiltX2Jf-7SnSBrFWZhOkp3wLJ8b9Sogb7nWro40i0yK1O092ucCkBdlaj4-wwHvpZFrw8oCil9jAaovoLtrUY7CQHdOsGOZpJNke0WpXjnpzOZMKP651TalTcFN1fOSjuNinfZ5C6wk5lSzYck73pQrDoLnACN7vFVAifbKWtazWjPSkcIxs0YxKZqAmMx1QZiyiKSVZspi6mogS2I3IqBdpxAZhjz5EX1nl_IpzIn68sD3NmOOYZRQwruSev5sBzSH4WXn3TZe4qwlPJzMWHQ0K6cQY4GIceB9P-9OuAWuqWAqheRTzg3cRms3iNpVcP_a3whqbvr4Phkb_Q17IFN7oDL5mDm63M9yl2LCfFYGswN46rx4ZIrVV9aFi1Gnq5r2Ui2L71QRDJb_mYoHCt_J6sl6KYJjrd9fz4sqmY2QOcb3FCSSlvClFZYSjX7KlYDHjEiZxnOrjJATbefDJiMHfjXYS6EVvJCC67XB0yXM6qXM36CrUNDZomC5MH7gxpnVfeNguCzjLizGqUA9NBaK58aDfQ9W5pu4Te1dHp2_-gdmYU7PBcUXyK8hAG4z-q9tIHYqiEvADhSVjyYLIitnsozs1l8JA16Huv38sqFBihcyThf8NY_JKWHBpbGefutXJ8xRr3gRkDl9qMJsSQJlIRcPeX1PD0_iT0kgCdH0u18AGQcOPpoK3mIAY4Y4kVwnX5QxLBwrSyH0O0WJmWA3dohX4rOY-WE8Wj8HiY816TjpFtuG_hdhw6aEzDupR_Q43mE3LcuEts1DOGHw1MDY1jyBiwzUavN7QY0ntMIaOJK0N3Zhb0Tw8CINlAxGljwWtL-HW7k3xjxBu5R1saNABoG7Vn_10HY72urs6T3mFQWDz_hU5cunK-dUt7p34X6yY7LZmbgBTRwBynJ8ZlHradyNzGpcxI4fqLFhmJLfMsTnuUpmcLL4osiOqEWnWNb3nx93PqS7wJVXynL_Yk8s31ZMEa8NhGggG0rEYVhs5u0pNkjcLw8vfUkEN7OVqqRwwYhBeACBjO5kg92BEBYkrT2xI5U634ydM6ciTOMwKoC19eRei5vN2i3OP9BLLq0_98mF4oZ6XSL3XBUurgWVrFkkMYmXG83H1wSen__MtCMbjwi8r0iwl7Lc1hYFWKEWTAXZHmEY6CTRAFKwZ4pjCXTe2_k4DTMbIPl-B4OhG68AJGnylBsdILZ9W8scGr2LrOp98wvgkq-pVJ_FrhE6Li2-8_zmXvj-oCfOZzXvlOaBwObO02zgFK4BQGU3fW8hSxKvPFmGD5XcYZPF_tMfa1w02KNdhqyUCorTIWeI8mocQVMDTDvETqE_vkMdCgPAdPKLFRjV-ad0yOrOnY7nfYd-ml-UXcvlaDdYInM7cui27zwSAPMfhoczc5O4Q6k2lnt5cLE0OHWUlEfJWztKjR5RvDYdTt35jDf76HRIQ2P4I9B1onrwrdNOGBnK82Nvyc1evLVUP2RADTHHP6dwShBnbpqskKTiHEfQ_vdmd_8-34xZUp991xVCpnWBI1ht3KJ8myNA3JB2I7YF7z1DON6ZVb5KDjbkznLZ7x98Pct_G3bFbZ4h9fKpQaH7ea2eXSz4HpgsfDCRh_m50f7f2cHekygM_36DV3QK43qLIVL_Ol9qEPy_5D7rDyot6D7Cxy12d5pH1XaMeue2F2fgfKsAmBt4x2ZptjndSroPmfYlLhJpd7YuMBAoqlkQEFy2OO-OOksUQDfDLyjoVyx2oxOC4ibLpRbx4IefqMOfXgTrM2QbWBKa8EqYGFO_fgoLvfX-xFOpfJIQYNn4CMoe2aoo5R39mpOSmT9scS97zL7p9ydvwdmWfEPS67E4UQNzDPCGwhz8EfLFA_LMH5AlNZb0oAwvyv3swkvNjBgQeyB6q3Y1s1wyRI-EPEF0TmZHd0wvpmRym9j-j07AY-iSLxE5fd0Y_rGcvDL0O1zuryRnwkJxaGkXV1ux5QtkilBpi1cILrmDFvpLPmcsDglfL5SGpEb0L5ZbMZNFLLQFlNRz9e6c7cCbCerSn0dA6UxENGxfDwoLyyYcvkOS6YtESW5yTJkL--NsMUy46HgMRmMqsZ6klUhiMbMQmfkPyow6vyykc8UKnSL5GdKU3D6mE7syUTx-b3E649iCjvoofPCtdbmpHaEI8lrecfSnAFBJNXDje2xz-SQ2kaveq_2sVxdzb6kK7W13v8gwoAshk8bLpSgSAshhZWX4qTfH2BTv0poV9i20w3VbW8RK8oUcqPJAQoToZMiqeA8kKSCrxjCJGajXng4f3SHKYO4v-AYgIRFtDKl-w3g50B69orLXwgBUNcvisFVZGHteKXgPRmykvQAoJIMZvDbNDqZDMNXqTuekVyH07LuapzM4EiX5omfmaDaTNpo-XVfpO0FxGZjLNdOrLbLukXK2Ywo3TyEZZaB7xALugDLqhi32khbEBT9U9okv9VsgoinpwlpJNRU0xhhdQTSBCYKeTaajPrXn9YzEKlsy_l1Pyp8s2f5njBLvur9yl877qYqlEsEbFdtcn01x2994AAQuKJFfSeeBSB0B9b9kqOP_PACzY7pBVliuqCMpKePgnHnv2V-cJUG80KjUyOyaFla8WZvPOh0oPjCfBEIMmftN2Jq61GLh5S9lmLnupJC2pjS2S3wNIVJG-CW0xZwasETK67L9qFR9_nRecLrMS_LYHAMeh_EHahIjnu3Pa5QWuncGqLEinfscBNDpqLgE9iyu5KvMToONS5VO5Jaa1CQnJPq6HoR3fHH2QcEK3Kgplyy7oJrMF5CwQMRsiI49xV4gQzEDaoL8AV7ZYQ6hKr0bzCg1MdnoLsh7gk0PWjAztBVGB2GdFUscPJqle7vyWbcslHbbmB4rKRZIp_Ck4Zq4JtCE-c4Z_EoB3HgXR9Z70elWknw9FnpusHHBPgQ6VSjBVwRPwrBwrSCcexd9PEkIcArb6sAU8AvorBQ0H4PnGbO09xK4uumVUzkbVjvTdn_fCV6C3zt3UA9pP8NfscpRORmBNnUWHBq6lZ5Qk-9VzN485hJYPzHk&cid=CAASBORo1jM&rfl=2%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed7eec9f4ea4a819a1c8481108a1bf49a7815f4349dd0a8804d488d873163a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16189
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 7EDE
23 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Jul 2022 03:19:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7EDE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EDE
138 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7EDE
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 01:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 01:51:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EDE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcrudI44WZmAf3BVlLRSg5l_IEWFjj_ka4XjU1Zoo70Qooh9E01mL_OIze2XJNzhzxLMLMUphZ0r0haeGoDRvsIkhdDRDE_Xnna87mhr-wAXtRQuw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2380635
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1f3e446f9050492a97853-00629f4c08
x-amz-id-2
tx1f3e446f9050492a97853-00629f4c08
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MP7wC8wx7pdOhcJxBnczlvCdpiDQTzPcRH3Zg7f2YutgPZ4YSjXQkPVcC6S1BtphkMs%2BY6DsxqOzI4baI1oU6jfgKaV3Xw91gmnNzFJ82RXYQP%2BB9V0UJ4yLGAHAaKBKQwdDPNiab3OgLaRL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
725cbaeaab3b71bd-LHR
access-control-allow-headers
Authorization
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6482fabea16c1ee1b3760921888758f279eaccc47fe8563f0c10dccc5752d333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54411
x-xss-protection
0
server
cafe
etag
1015871417208199371
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Jul 2022 02:39:25 GMT
ca-pub-2062463022593482
fundingchoicesmessages.google.com/i/
104 KB
36 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2062463022593482?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6642d84d3a35e0afb73e52a48164c3813939ddf62cc1f29a743f2272382f0696
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E8fZdT00o_6fdHJEEb78EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-E8fZdT00o_6fdHJEEb78EA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-E8fZdT00o_6fdHJEEb78EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-E8fZdT00o_6fdHJEEb78EA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Tue, 05 Jul 2022 02:39:25 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5687
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFFEbvIABBYhyfudPRLIKg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFFEbvIABBYhyfudPRLIKg&google_cver=1&C=1
43 B
941 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOFFEbvIABBYhyfudPRLIKg&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGPXrsskBMAE&v=APEucNVCPf5Cjwh3mS_qn4KXfd3uIhRMeXVfVXDOKB3oP3fg6Nnui5Hno3DSFM-h5SAb_BcvVeT0ub-2Hgt7F17Ot8WjHBnfxA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbaed7b05774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EKDjFFOSzWmO9SeHT%2Bq9OYrLDZ9A2moU2jciZ7Ogu0FAfeJwx0L7u8XKzf1STV3JDqwXech0%2FUpkljnrdb6nAXOXG8crYucutlEtbHdogauiQV1u52UAgOYagRlvM5R1YhBthYEydZAAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47uGeu8n1cepmq6VVrsvi43rqbl8%2BOfElNaQUPs%2BL0pslEgmOoI5CJu6HmeNRSVOdluBWMbGFxYV8%2Bwm1z3wUWgFw%2FgDYg1t8AeyjIorY%2B1bwjpuOo9TwHjwGtNv8rCM6B6MZfqmoTcutQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEOFFEbvIABBYhyfudPRLIKg&google_cver=1&C=1
cache-control
no-cache
cf-ray
725cbaec2e567731-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 5687
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsOkXqZha.1iGFYS-EfDlAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&google_hm=2
43 B
915 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGPXrsskBMAE&v=APEucNVCPf5Cjwh3mS_qn4KXfd3uIhRMeXVfVXDOKB3oP3fg6Nnui5Hno3DSFM-h5SAb_BcvVeT0ub-2Hgt7F17Ot8WjHBnfxA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbaf0fe74774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DqHIlayIhpfU4Dzt71OeqZ%2Bcyj7Xjx8YCHIUQUHeCnQ8XFPgngL3YbIGCYgOcuTgDUnZJ%2FE0tgnOZtNJdy4JMUi15BZ2WDrT6wxz8za4mG%2FziFew%2BjVb4h6JV%2BHk%2F1d1SwdXMpDIVz1pw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5687
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENeyqbUyQhRqGsNvDOCa5Aw&google_cver=1
43 B
1014 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENeyqbUyQhRqGsNvDOCa5Aw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGPXrsskBMAE&v=APEucNVCPf5Cjwh3mS_qn4KXfd3uIhRMeXVfVXDOKB3oP3fg6Nnui5Hno3DSFM-h5SAb_BcvVeT0ub-2Hgt7F17Ot8WjHBnfxA
Protocol
HTTP/1.1
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:26 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9ae79d64-2cc1-4464-a58a-f25d88a95e5b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENeyqbUyQhRqGsNvDOCa5Aw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5687
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWKYRD0-PABGPXrsskBMAE&v=APEucNVCPf5Cjwh3mS_qn4KXfd3uIhRMeXVfVXDOKB3oP3fg6Nnui5Hno3DSFM-h5SAb_BcvVeT0ub-2Hgt7F17Ot8WjHBnfxA
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:25 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
587e2096-4533-4032-b9cc-d8f401697e0a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 7EDE
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFNun5lrxzkOEiZsdQBTAU9iL0JMPVTKVrZ3MUazTq6SwSFfG3IVNEtuXmy1N5notZRhAtEYQkyHeYQssHQBOAnz_ddwS5Mn88KI0ul9bKouPMsBXU-0KGVGK9DNtHi4LOQvplPE9eK9NIyN6RafILRIUpNw&cry=1&dbm_d=AKAmf-AfoGGTdQDIbfhLcyu53RV-wbdNcXOM66JZ5kWUH2vppalTiHrca6ZiWFCbqOqR3VGnt3AToKnxW2vQH9DU3t1mguPj8cp8VDmdtHWCVVyjKYd5Nksf4_6J0sc3fpGIyUVMXXZqe3CPf31gJdo4XriEtUTldR8Ig3POb9A8KlqmTu4kZ6E85g5b2bjcBrMl1KyAZWz2a55HrA9Yrd3bj_EujayHXflEGpr7s8y5FsUkNJyr_za02rBu-P-bzdsaUujC8AXjHw4_NoOXyrx_SlrVWYJVJMW8aaC71HrJ6Gu6C5Ww7x0IuJiLWruGQ1LrNv8K5rrC8SYvL9eXcXPrUAN38Vh3kT1HH8O0AAtI88HEmODcsDvaTafERkSUuDhVRp8RT1M1GIgoURN9NNgTU5oCaYPStbFRCG61I4iqrzVYWFNKk2R0AmuP7FGir5jIdRqRKqWFfw3JVxL9lBF0dxnCHBn85S8cxih3JmKqZnHMzXHH3MXOO3oE4rSXfBDviU4-5irX9AcQFUZ136rN072sxgEBjNTLz9qnhAHzh98joIZTlg9EmJ6uO7Qrfazayd3QiltX2Jf-7SnSBrFWZhOkp3wLJ8b9Sogb7nWro40i0yK1O092ucCkBdlaj4-wwHvpZFrw8oCil9jAaovoLtrUY7CQHdOsGOZpJNke0WpXjnpzOZMKP651TalTcFN1fOSjuNinfZ5C6wk5lSzYck73pQrDoLnACN7vFVAifbKWtazWjPSkcIxs0YxKZqAmMx1QZiyiKSVZspi6mogS2I3IqBdpxAZhjz5EX1nl_IpzIn68sD3NmOOYZRQwruSev5sBzSH4WXn3TZe4qwlPJzMWHQ0K6cQY4GIceB9P-9OuAWuqWAqheRTzg3cRms3iNpVcP_a3whqbvr4Phkb_Q17IFN7oDL5mDm63M9yl2LCfFYGswN46rx4ZIrVV9aFi1Gnq5r2Ui2L71QRDJb_mYoHCt_J6sl6KYJjrd9fz4sqmY2QOcb3FCSSlvClFZYSjX7KlYDHjEiZxnOrjJATbefDJiMHfjXYS6EVvJCC67XB0yXM6qXM36CrUNDZomC5MH7gxpnVfeNguCzjLizGqUA9NBaK58aDfQ9W5pu4Te1dHp2_-gdmYU7PBcUXyK8hAG4z-q9tIHYqiEvADhSVjyYLIitnsozs1l8JA16Huv38sqFBihcyThf8NY_JKWHBpbGefutXJ8xRr3gRkDl9qMJsSQJlIRcPeX1PD0_iT0kgCdH0u18AGQcOPpoK3mIAY4Y4kVwnX5QxLBwrSyH0O0WJmWA3dohX4rOY-WE8Wj8HiY816TjpFtuG_hdhw6aEzDupR_Q43mE3LcuEts1DOGHw1MDY1jyBiwzUavN7QY0ntMIaOJK0N3Zhb0Tw8CINlAxGljwWtL-HW7k3xjxBu5R1saNABoG7Vn_10HY72urs6T3mFQWDz_hU5cunK-dUt7p34X6yY7LZmbgBTRwBynJ8ZlHradyNzGpcxI4fqLFhmJLfMsTnuUpmcLL4osiOqEWnWNb3nx93PqS7wJVXynL_Yk8s31ZMEa8NhGggG0rEYVhs5u0pNkjcLw8vfUkEN7OVqqRwwYhBeACBjO5kg92BEBYkrT2xI5U634ydM6ciTOMwKoC19eRei5vN2i3OP9BLLq0_98mF4oZ6XSL3XBUurgWVrFkkMYmXG83H1wSen__MtCMbjwi8r0iwl7Lc1hYFWKEWTAXZHmEY6CTRAFKwZ4pjCXTe2_k4DTMbIPl-B4OhG68AJGnylBsdILZ9W8scGr2LrOp98wvgkq-pVJ_FrhE6Li2-8_zmXvj-oCfOZzXvlOaBwObO02zgFK4BQGU3fW8hSxKvPFmGD5XcYZPF_tMfa1w02KNdhqyUCorTIWeI8mocQVMDTDvETqE_vkMdCgPAdPKLFRjV-ad0yOrOnY7nfYd-ml-UXcvlaDdYInM7cui27zwSAPMfhoczc5O4Q6k2lnt5cLE0OHWUlEfJWztKjR5RvDYdTt35jDf76HRIQ2P4I9B1onrwrdNOGBnK82Nvyc1evLVUP2RADTHHP6dwShBnbpqskKTiHEfQ_vdmd_8-34xZUp991xVCpnWBI1ht3KJ8myNA3JB2I7YF7z1DON6ZVb5KDjbkznLZ7x98Pct_G3bFbZ4h9fKpQaH7ea2eXSz4HpgsfDCRh_m50f7f2cHekygM_36DV3QK43qLIVL_Ol9qEPy_5D7rDyot6D7Cxy12d5pH1XaMeue2F2fgfKsAmBt4x2ZptjndSroPmfYlLhJpd7YuMBAoqlkQEFy2OO-OOksUQDfDLyjoVyx2oxOC4ibLpRbx4IefqMOfXgTrM2QbWBKa8EqYGFO_fgoLvfX-xFOpfJIQYNn4CMoe2aoo5R39mpOSmT9scS97zL7p9ydvwdmWfEPS67E4UQNzDPCGwhz8EfLFA_LMH5AlNZb0oAwvyv3swkvNjBgQeyB6q3Y1s1wyRI-EPEF0TmZHd0wvpmRym9j-j07AY-iSLxE5fd0Y_rGcvDL0O1zuryRnwkJxaGkXV1ux5QtkilBpi1cILrmDFvpLPmcsDglfL5SGpEb0L5ZbMZNFLLQFlNRz9e6c7cCbCerSn0dA6UxENGxfDwoLyyYcvkOS6YtESW5yTJkL--NsMUy46HgMRmMqsZ6klUhiMbMQmfkPyow6vyykc8UKnSL5GdKU3D6mE7syUTx-b3E649iCjvoofPCtdbmpHaEI8lrecfSnAFBJNXDje2xz-SQ2kaveq_2sVxdzb6kK7W13v8gwoAshk8bLpSgSAshhZWX4qTfH2BTv0poV9i20w3VbW8RK8oUcqPJAQoToZMiqeA8kKSCrxjCJGajXng4f3SHKYO4v-AYgIRFtDKl-w3g50B69orLXwgBUNcvisFVZGHteKXgPRmykvQAoJIMZvDbNDqZDMNXqTuekVyH07LuapzM4EiX5omfmaDaTNpo-XVfpO0FxGZjLNdOrLbLukXK2Ywo3TyEZZaB7xALugDLqhi32khbEBT9U9okv9VsgoinpwlpJNRU0xhhdQTSBCYKeTaajPrXn9YzEKlsy_l1Pyp8s2f5njBLvur9yl877qYqlEsEbFdtcn01x2994AAQuKJFfSeeBSB0B9b9kqOP_PACzY7pBVliuqCMpKePgnHnv2V-cJUG80KjUyOyaFla8WZvPOh0oPjCfBEIMmftN2Jq61GLh5S9lmLnupJC2pjS2S3wNIVJG-CW0xZwasETK67L9qFR9_nRecLrMS_LYHAMeh_EHahIjnu3Pa5QWuncGqLEinfscBNDpqLgE9iyu5KvMToONS5VO5Jaa1CQnJPq6HoR3fHH2QcEK3Kgplyy7oJrMF5CwQMRsiI49xV4gQzEDaoL8AV7ZYQ6hKr0bzCg1MdnoLsh7gk0PWjAztBVGB2GdFUscPJqle7vyWbcslHbbmB4rKRZIp_Ck4Zq4JtCE-c4Z_EoB3HgXR9Z70elWknw9FnpusHHBPgQ6VSjBVwRPwrBwrSCcexd9PEkIcArb6sAU8AvorBQ0H4PnGbO09xK4uumVUzkbVjvTdn_fCV6C3zt3UA9pP8NfscpRORmBNnUWHBq6lZ5Qk-9VzN485hJYPzHk&cid=CAASBORo1jM&rfl=2%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:30:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7EDE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFNun5lrxzkOEiZsdQBTAU9iL0JMPVTKVrZ3MUazTq6SwSFfG3IVNEtuXmy1N5notZRhAtEYQkyHeYQssHQBOAnz_ddwS5Mn88KI0ul9bKouPMsBXU-0KGVGK9DNtHi4LOQvplPE9eK9NIyN6RafILRIUpNw&cry=1&dbm_d=AKAmf-AfoGGTdQDIbfhLcyu53RV-wbdNcXOM66JZ5kWUH2vppalTiHrca6ZiWFCbqOqR3VGnt3AToKnxW2vQH9DU3t1mguPj8cp8VDmdtHWCVVyjKYd5Nksf4_6J0sc3fpGIyUVMXXZqe3CPf31gJdo4XriEtUTldR8Ig3POb9A8KlqmTu4kZ6E85g5b2bjcBrMl1KyAZWz2a55HrA9Yrd3bj_EujayHXflEGpr7s8y5FsUkNJyr_za02rBu-P-bzdsaUujC8AXjHw4_NoOXyrx_SlrVWYJVJMW8aaC71HrJ6Gu6C5Ww7x0IuJiLWruGQ1LrNv8K5rrC8SYvL9eXcXPrUAN38Vh3kT1HH8O0AAtI88HEmODcsDvaTafERkSUuDhVRp8RT1M1GIgoURN9NNgTU5oCaYPStbFRCG61I4iqrzVYWFNKk2R0AmuP7FGir5jIdRqRKqWFfw3JVxL9lBF0dxnCHBn85S8cxih3JmKqZnHMzXHH3MXOO3oE4rSXfBDviU4-5irX9AcQFUZ136rN072sxgEBjNTLz9qnhAHzh98joIZTlg9EmJ6uO7Qrfazayd3QiltX2Jf-7SnSBrFWZhOkp3wLJ8b9Sogb7nWro40i0yK1O092ucCkBdlaj4-wwHvpZFrw8oCil9jAaovoLtrUY7CQHdOsGOZpJNke0WpXjnpzOZMKP651TalTcFN1fOSjuNinfZ5C6wk5lSzYck73pQrDoLnACN7vFVAifbKWtazWjPSkcIxs0YxKZqAmMx1QZiyiKSVZspi6mogS2I3IqBdpxAZhjz5EX1nl_IpzIn68sD3NmOOYZRQwruSev5sBzSH4WXn3TZe4qwlPJzMWHQ0K6cQY4GIceB9P-9OuAWuqWAqheRTzg3cRms3iNpVcP_a3whqbvr4Phkb_Q17IFN7oDL5mDm63M9yl2LCfFYGswN46rx4ZIrVV9aFi1Gnq5r2Ui2L71QRDJb_mYoHCt_J6sl6KYJjrd9fz4sqmY2QOcb3FCSSlvClFZYSjX7KlYDHjEiZxnOrjJATbefDJiMHfjXYS6EVvJCC67XB0yXM6qXM36CrUNDZomC5MH7gxpnVfeNguCzjLizGqUA9NBaK58aDfQ9W5pu4Te1dHp2_-gdmYU7PBcUXyK8hAG4z-q9tIHYqiEvADhSVjyYLIitnsozs1l8JA16Huv38sqFBihcyThf8NY_JKWHBpbGefutXJ8xRr3gRkDl9qMJsSQJlIRcPeX1PD0_iT0kgCdH0u18AGQcOPpoK3mIAY4Y4kVwnX5QxLBwrSyH0O0WJmWA3dohX4rOY-WE8Wj8HiY816TjpFtuG_hdhw6aEzDupR_Q43mE3LcuEts1DOGHw1MDY1jyBiwzUavN7QY0ntMIaOJK0N3Zhb0Tw8CINlAxGljwWtL-HW7k3xjxBu5R1saNABoG7Vn_10HY72urs6T3mFQWDz_hU5cunK-dUt7p34X6yY7LZmbgBTRwBynJ8ZlHradyNzGpcxI4fqLFhmJLfMsTnuUpmcLL4osiOqEWnWNb3nx93PqS7wJVXynL_Yk8s31ZMEa8NhGggG0rEYVhs5u0pNkjcLw8vfUkEN7OVqqRwwYhBeACBjO5kg92BEBYkrT2xI5U634ydM6ciTOMwKoC19eRei5vN2i3OP9BLLq0_98mF4oZ6XSL3XBUurgWVrFkkMYmXG83H1wSen__MtCMbjwi8r0iwl7Lc1hYFWKEWTAXZHmEY6CTRAFKwZ4pjCXTe2_k4DTMbIPl-B4OhG68AJGnylBsdILZ9W8scGr2LrOp98wvgkq-pVJ_FrhE6Li2-8_zmXvj-oCfOZzXvlOaBwObO02zgFK4BQGU3fW8hSxKvPFmGD5XcYZPF_tMfa1w02KNdhqyUCorTIWeI8mocQVMDTDvETqE_vkMdCgPAdPKLFRjV-ad0yOrOnY7nfYd-ml-UXcvlaDdYInM7cui27zwSAPMfhoczc5O4Q6k2lnt5cLE0OHWUlEfJWztKjR5RvDYdTt35jDf76HRIQ2P4I9B1onrwrdNOGBnK82Nvyc1evLVUP2RADTHHP6dwShBnbpqskKTiHEfQ_vdmd_8-34xZUp991xVCpnWBI1ht3KJ8myNA3JB2I7YF7z1DON6ZVb5KDjbkznLZ7x98Pct_G3bFbZ4h9fKpQaH7ea2eXSz4HpgsfDCRh_m50f7f2cHekygM_36DV3QK43qLIVL_Ol9qEPy_5D7rDyot6D7Cxy12d5pH1XaMeue2F2fgfKsAmBt4x2ZptjndSroPmfYlLhJpd7YuMBAoqlkQEFy2OO-OOksUQDfDLyjoVyx2oxOC4ibLpRbx4IefqMOfXgTrM2QbWBKa8EqYGFO_fgoLvfX-xFOpfJIQYNn4CMoe2aoo5R39mpOSmT9scS97zL7p9ydvwdmWfEPS67E4UQNzDPCGwhz8EfLFA_LMH5AlNZb0oAwvyv3swkvNjBgQeyB6q3Y1s1wyRI-EPEF0TmZHd0wvpmRym9j-j07AY-iSLxE5fd0Y_rGcvDL0O1zuryRnwkJxaGkXV1ux5QtkilBpi1cILrmDFvpLPmcsDglfL5SGpEb0L5ZbMZNFLLQFlNRz9e6c7cCbCerSn0dA6UxENGxfDwoLyyYcvkOS6YtESW5yTJkL--NsMUy46HgMRmMqsZ6klUhiMbMQmfkPyow6vyykc8UKnSL5GdKU3D6mE7syUTx-b3E649iCjvoofPCtdbmpHaEI8lrecfSnAFBJNXDje2xz-SQ2kaveq_2sVxdzb6kK7W13v8gwoAshk8bLpSgSAshhZWX4qTfH2BTv0poV9i20w3VbW8RK8oUcqPJAQoToZMiqeA8kKSCrxjCJGajXng4f3SHKYO4v-AYgIRFtDKl-w3g50B69orLXwgBUNcvisFVZGHteKXgPRmykvQAoJIMZvDbNDqZDMNXqTuekVyH07LuapzM4EiX5omfmaDaTNpo-XVfpO0FxGZjLNdOrLbLukXK2Ywo3TyEZZaB7xALugDLqhi32khbEBT9U9okv9VsgoinpwlpJNRU0xhhdQTSBCYKeTaajPrXn9YzEKlsy_l1Pyp8s2f5njBLvur9yl877qYqlEsEbFdtcn01x2994AAQuKJFfSeeBSB0B9b9kqOP_PACzY7pBVliuqCMpKePgnHnv2V-cJUG80KjUyOyaFla8WZvPOh0oPjCfBEIMmftN2Jq61GLh5S9lmLnupJC2pjS2S3wNIVJG-CW0xZwasETK67L9qFR9_nRecLrMS_LYHAMeh_EHahIjnu3Pa5QWuncGqLEinfscBNDpqLgE9iyu5KvMToONS5VO5Jaa1CQnJPq6HoR3fHH2QcEK3Kgplyy7oJrMF5CwQMRsiI49xV4gQzEDaoL8AV7ZYQ6hKr0bzCg1MdnoLsh7gk0PWjAztBVGB2GdFUscPJqle7vyWbcslHbbmB4rKRZIp_Ck4Zq4JtCE-c4Z_EoB3HgXR9Z70elWknw9FnpusHHBPgQ6VSjBVwRPwrBwrSCcexd9PEkIcArb6sAU8AvorBQ0H4PnGbO09xK4uumVUzkbVjvTdn_fCV6C3zt3UA9pP8NfscpRORmBNnUWHBq6lZ5Qk-9VzN485hJYPzHk&cid=CAASBORo1jM&rfl=2%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 11:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 11:50:18 GMT
iframe_api
www.youtube.com/
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
071404725633a55031a90aac1b637158dd67b9ab9f140100d22f8e69f9fdaed2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 05 Jul 2022 02:39:26 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=timing&_s=4&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=subject&utt=218&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=952586808
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=timing&_s=5&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=subject&utt=254&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=208063399
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
16379029125961a06a40c0a87.png
h5.vdo.ai/media_file/subject/source/uploads/thumbnails/
54 KB
55 KB
Image
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/thumbnails/16379029125961a06a40c0a87.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
024bc9124560f00b84ad3d590e757ee1d0624bdc56f04ec16061bca327036aae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Last-Modified
Fri, 26 Nov 2021 05:02:05 GMT
Server
nginx/1.16.1
ETag
"61a06a4d-d8f2"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55538
Expires
Wed, 05 Jul 2023 02:39:26 GMT
impl_v90.js
www.googletagservices.com/dcm/ Frame 7EDE
54 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 13:29:47 GMT
integrator.js
adservice.google.ae/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.ae/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
AGSKWxWjW-lAcVNbzSbwjhO4nW_uvlO7UmxLjNvqvnQ_7xjUSSv7QvMfJY2WkkRNnMs21e_JXVX9gt9eqtOB1-BJTQ==
fundingchoicesmessages.google.com/f/
43 KB
16 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWjW-lAcVNbzSbwjhO4nW_uvlO7UmxLjNvqvnQ_7xjUSSv7QvMfJY2WkkRNnMs21e_JXVX9gt9eqtOB1-BJTQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU2OTg4NzY2LDcwMDAwMDAwXSwiNUVENEQyNEMtNzlDMC00QzMwLUJDMTgtNjcxNTc3QzM5NUM4IiwiRDQ3NjhFNDEtNTkwMC00NjM0LUEzQTYtRjg0MTkxMzk2RkREIixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vc3ViamVjdC5jb20udWEvIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.uvjz2xtmMtA.es5.O/d=1/rs=AJlcJMyGvKIsEwrs4u9LDYuVte8oh89LvA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55df4e1176549ff382928e1124034d576c028fd75c2d08907a4905aeda9af805
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bX06kfk_E_q4PN6Ymh7VSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bX06kfk_E_q4PN6Ymh7VSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-bX06kfk_E_q4PN6Ymh7VSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bX06kfk_E_q4PN6Ymh7VSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame E2B4
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
33864
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 17:15:02 GMT
etag
10429905676100781186
expires
Mon, 18 Jul 2022 17:15:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
16379029125961a06a40c0a87.m3u8
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.m3u8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 05 Jul 2022 02:39:26 GMT
Expires
Wed, 05 Jul 2023 02:39:26 GMT
Server
nginx/1.16.1
16379029125961a06a40c0a87.m3u8
h5.vdo.ai/media_file/subject/source/uploads/videos/
48 KB
8 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.m3u8
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
c2ec1d1a24341f75c3de87b40a90cb16c8a36763a4c07f363e8aa4f4a5d8eb39

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Nov 2021 05:10:16 GMT
Server
nginx/1.16.1
ETag
W/"61a06c38-c039"
Transfer-Encoding
chunked
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 05 Jul 2023 02:39:26 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 30A9
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
53347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 11:50:19 GMT
expires
Tue, 04 Jul 2023 11:50:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a8ac48b7-ae2a-4172-83e3-ee63d47a16b2
https://subject.com.ua/
5 KB
0
Other
General
Full URL
blob:https://subject.com.ua/a8ac48b7-ae2a-4172-83e3-ee63d47a16b2
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
5417
Content-Type
application/javascript
1580890f-b377-4b1d-b74f-c20a7bbb0073
https://subject.com.ua/
75 KB
0
Other
General
Full URL
blob:https://subject.com.ua/1580890f-b377-4b1d-b74f-c20a7bbb0073
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
d4471a59-383d-4960-ae27-a8b3c4f886ff
https://subject.com.ua/
75 KB
0
Other
General
Full URL
blob:https://subject.com.ua/d4471a59-383d-4960-ae27-a8b3c4f886ff
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
bridge3.520.0_en.html
imasdk.googleapis.com/js/core/ Frame 013C
632 KB
204 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aba363da63c154691250d5daa4dfa09d2b026bd99245c76e64031390dc6609bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209114
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:19:29 GMT
expires
Wed, 05 Jul 2023 02:19:29 GMT
last-modified
Wed, 29 Jun 2022 19:20:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Jul 2022 02:39:26 GMT
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
logo.svg
a.vdo.ai/core/assets/img/
1 KB
1 KB
Image
General
Full URL
https://a.vdo.ai/core/assets/img/logo.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
cf-ray
725cbaec6c61771d-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Mar 2020 08:12:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HtDQbML9Fy6iKK9bzRG4nHb7wFzgRVDPafMquPydcqT9EMPmLrkVYtuZ5V3UIBSXrgfOU6sTdU35xtGv20LkSXAM4bzj%2Bi6AUv1A0kelFeqbVu%2FkOPCzsU%2BLxzS0c4DSikicKr2Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
6157830 6154121
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
access-control-allow-credentials
true
content-type
image/svg+xml
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
www-widgetapi.js
www.youtube.com/s/player/0e7373c2/www-widgetapi.vflset/
155 KB
50 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1758268a169457ec7c2601d5c148715d5442a9cf20a465ff05b42cc556aa2259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:08:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
23462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51437
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 04 Jul 2023 20:08:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E2B4
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtUBfXaTDYp6YHbS17_UPz-i_sA3rvb3eaumJjNXmD7_Zor3AARABILCesgNgkQagAea4m8kDyAECqQL6y5bkoQpiPqgDAcgDyQSqBMcBT9Bt5d861L3yjb_RuOXp_QUOgmE5zOQUG2sRm8uKIC-SQaAaYmO8XixKawmGx_1jeN1eKVbTXaDRUe48M6PL1L8w52EeayoXk83tyYTqSRgu811AEQPf1BwyLktM_GT7ZqlKLkzI0mjEfCICSSLS8fg6c_MmR-4Q-XjtOWfVIZ2_lnQulHSzjKjlKl4-BFBNPKI6qJhKsiYoNSSG97HLKekDN9LLRPwtOYIMIoACqwXy37O_H1og4OOrwzrpuTZZcOPu4-DAUMAEqrbe-IwEkgUECAQYAZIFBAgFGASgBgKAB8GJqTeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCX7gHSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMjA2MjQ2MzAyMjU5MzQ4MhgA&sigh=r4ZkiOqok_M&uach_m=[UACH]
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Jul 2022 02:39:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame E2B4
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:32:47 GMT
2460044203312629496
tpc.googlesyndication.com/simgad/ Frame E2B4
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2460044203312629496?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnirVAwRmqSFXxhS_Hz6v1BF69GRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
071dc20e06959975ff8f1cdd8495247ee85c6dc3616cb494446a0c5457517c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 14:13:19 GMT
x-content-type-options
nosniff
age
303967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34057
x-xss-protection
0
last-modified
Mon, 20 Jun 2022 09:48:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Jul 2023 14:13:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E2B4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2B4
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E2B4
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 01:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2862
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 01:51:44 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E2B4
31 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12985
x-xss-protection
0
server
cafe
etag
7466239315051897255
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 19:23:27 GMT
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=6&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=51239743
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18079
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=7&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=1707343650
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18079
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=8&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=791284451
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18079
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWYz48PBlLTxgovGbQr90zMmgTjlVu_5i5F0DG1TiNprNx46jH7cSeWStmjRJYNRsA_hWu_ve4Ewr-RKuISUEWk-29sEG6G0IefJI9rJAk9kOJImroIQTYeD4OWZEYJoTrh9i_VW_rnXbSBMIoJ_dIa8fT5nzZjjw-C4MgpSGIUQmqQqq_5K1z0rk0=
fundingchoicesmessages.google.com/f/
66 KB
24 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWYz48PBlLTxgovGbQr90zMmgTjlVu_5i5F0DG1TiNprNx46jH7cSeWStmjRJYNRsA_hWu_ve4Ewr-RKuISUEWk-29sEG6G0IefJI9rJAk9kOJImroIQTYeD4OWZEYJoTrh9i_VW_rnXbSBMIoJ_dIa8fT5nzZjjw-C4MgpSGIUQmqQqq_5K1z0rk0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU2OTg4NzY2LDE5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc3ViamVjdC5jb20udWEvIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.en_GB.vOFzMDqJCy0.es5.O/d=1/rs=AJlcJMyU9lXuTyeAt2irOt8GxBR4jV_vaw/m=iabtcfv2signalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
936a87120ddbcda13815561f58e4f45294e8c49939b645adac52704346e4777c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DUVnB1F9oXxFzFZDkLWt9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DUVnB1F9oXxFzFZDkLWt9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-DUVnB1F9oXxFzFZDkLWt9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DUVnB1F9oXxFzFZDkLWt9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Tue, 05 Jul 2022 02:39:26 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7EDE
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b4d4105ce4479cc23d28d8adabeff167c8a3450f8ceec95fc24177f4e33c18

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3E1D
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 01:50:49 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 30A9
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.326309225343685
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kou0NFD6oOS6D9aJk4tniQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-kou0NFD6oOS6D9aJk4tniQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-kou0NFD6oOS6D9aJk4tniQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-kou0NFD6oOS6D9aJk4tniQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Tue, 05 Jul 2022 02:39:26 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.1712844225250327
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MUVeWKzOSoyqxL_5OHwphg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-MUVeWKzOSoyqxL_5OHwphg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-MUVeWKzOSoyqxL_5OHwphg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-MUVeWKzOSoyqxL_5OHwphg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Tue, 05 Jul 2022 02:39:26 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E2B4
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13de32ec960c3a7e900b2701b494603dd3d78cb8985cfba045a0a9dddd9744f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3E1D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Tue, 05 Jul 2022 02:39:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 02:39:26 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 57F5
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mPRfr8UExtpMCgk7DWevIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mPRfr8UExtpMCgk7DWevIw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-mPRfr8UExtpMCgk7DWevIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mPRfr8UExtpMCgk7DWevIw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/
569 KB
569 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
0b9d71929cec28c4265975fbab37e6864dea67957b1f8c5b1635d5d9998950b1

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-582611

Response headers

Date
Tue, 05 Jul 2022 02:39:26 GMT
Last-Modified
Fri, 26 Nov 2021 05:10:16 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"61a06c38-1cb3c944"
Content-Type
video/mp2t
Content-Range
bytes 0-582611/481544516
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
582612
Expires
Wed, 05 Jul 2023 02:39:26 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 05 Jul 2022 02:39:26 GMT
Expires
Wed, 05 Jul 2023 02:39:26 GMT
Server
nginx/1.16.1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 30A9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BctctXaTDYo_YMujk7_UPodWv8AIAAAAAOAHgBAI&bg=!qqmlqe3NAAaLlKKnq5Q7ACkAdvg8Wgd-AfdNa22QC51L4xdOqHbMGyTR3pEAObtWcXudtiCndis1kAIAAACkUgAAAAJoAQcKAI4DFWOq0K4WN6W2GDseSXMfFFOJCSUWxSqBgo7Cz7fntnSbYhfddJIsWBR4iFjxVLPegFsWDra22aTdIOgCF2b1uswlo0WigomMY56s_EghbjFdNY2GrKBdWXsxOjJI0hT-PI_zgRtfW71why2L8BZsWrGYvZZvCkk1DkSJ6lnw6qAZFmXZjB0EaOc5tgjjmQLoRbl_koRHeQ5QwN4k7TKBOR5outmuk8elwNhddUZfC1Cbf9sAqpF-isGkovSA5wFGWgnlU_4vU7YR6m4cvyWmTn9j1kb5yq_XsMO2HBDRpRNO02eVD8ozzPNhIx-82J7JSdJPWSmrHMZR3-7c0XoZ7DTLOiBqm6MwWPLbhlbY8GJ194xvyOYEJpoFMHxm3LedJb6esGf1-YMb3ktrmc9dPMHZHA4IiP117TcwBmbask0XE6q5Lu_ZqWIzd4pGPJ2d-hU2YzCIrN6R-exkTUFyu0YxTxy3_KDhuoK9xRSHUgWl-OOLyKGlL6zqqJW2EV42tK2tM5Kp7MnyYsIJ10oDsalmPnSHNALkydzxLx1rJKQzBD5yWzBAjted8ldskebBQWFn1VnI8faXkDtzgPQB-y679_hbGDyRtsFyOa5uwf8hMBitO6nquv6nvmejHYOf3b4lJGcVxcsW_L4pNnejmgfxR0y9AR8RtNRYpLqJGRKXPEuJK-csHPoYNUuhNhKOn8BMqiyzNeMMzu4cZT_i-CUOXAvmVA4Ipmcy-B64-oZ3lkrK1Bi6uh6v0ldg8zqtKbSrN4_z79VJNEzPjVBNjkUjTyD5TJ82tDgGfnlZY9Jl2vk7mnIqZwvnJ2wc_7vxpWmUs54_UVPPkbqrwveK0RnQbyJ7b-ThupImRvwIlOQV-IG8TvK0MXhDghzOI5y3h2fT6M35bLmvZpE8RYlwk9O8fsXEkpCgglXKa3uc9Mi8_yMNg58ai1HzJ1Z8g6dinea2lCrRlkfnGx9GC30v9DmYIsxawbIaxFvmQ1mlplwjfPtr-FHKGfv4TCKC80FoAWFQ2LjXWm9luXgB2WI7ZtBR7Yf5KCWbPIEXIyuy4EIuNaRRQMHBp1yISBZLPqZKT0Fqtde4reLw5QpTi0QvbxkHIcAtRwqedCMG9cBNs0GBpnPBcCAjhokjOsE8pFNoIL0YVIoW4znolu_YFF75JAslcIGsEuOV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1656988765&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656988765216&bpp=1&bdt=345&idt=167&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1085221559156&frm=20&pv=1&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068196%2C44768759%2C42531608&oid=2&pvsid=1520103964203497&tmod=760952956&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=khtphbQ4H2&p=https%3A//subject.com.ua&dtd=171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
17 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1520103964203497&correlator=2212393373919345&eid=44742767%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fif&gdpr=0&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_W2&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400%7C240x600%7C160x600&ifi=4&adks=1811209177&sfv=1-0-38&ecs=20220705&fsapi=false&cust_params=pubcid%3D6fbe9639-2af9-4a3d-a6d7-495dfdec5ea3&sc=1&cookie=ID%3D1fb775364e7dbffd-22c2cbe4c5cd00bf%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_MYEZcarMJtbkGn918X-9Q7t-iJA5Q&gpic=UID%3D00000833580fd4fc%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_Mbeqp_qurm1Lw2qRO059dZ5uWhgkg&abxe=1&dt=1656988766636&lmt=1656988766&dlt=1656988764872&idt=1147&biw=1600&bih=1200&adxs=14&adys=1577&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=240x-1&fws=640&ohw=0&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5e6345c14a6d04f0ce2cef1b3c110dd9a3ba4ac47a2c11486feb7ba2b2c66d55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9697
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C95
6 KB
4 KB
Document
General
Full URL
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Wed, 05 Jul 2023 02:39:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Jul 2022 02:39:26 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
176 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
apacdex
useast.quantumdex.io/auction/
0
157 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cf-ray
725cbaefaa44888b-LHR
/
ssp.wp.pl/bidder/
0
80 B
XHR
General
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.13.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000005ced13b4daadc787:02cdfcb8e6d1ff38:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
translator
hbopenbid.pubmatic.com/
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
rtb.adxpremium.services/openrtb2/
465 B
789 B
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
91ef8166c2ff080dd811e40848305898e75cb74aaa0a02b3262239cbd55fd1ab

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:26 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
465
expires
0
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/
0
407 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:26 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
c
prebid.a-mo.net/a/
0
132 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
v2
i.connectad.io/api/
0
326 B
XHR
General
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
725cbaefda297731-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdb
bidder.criteo.com/
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=69455674947
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/
146 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
71e56ba1151fc6fd2f518785ef40441c7f5dab85b6dbb3e809b63e88597bdc3d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:26 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
db002f0b-967c-4b2d-8abb-738c11a954c3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
25 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1520103964203497&correlator=2212393373919345&eid=44742767%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fif&gdpr=0&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=5&adks=3746599878&sfv=1-0-38&ecs=20220705&fsapi=false&cust_params=pubcid%3D6fbe9639-2af9-4a3d-a6d7-495dfdec5ea3&sc=1&cookie=ID%3D1fb775364e7dbffd-22c2cbe4c5cd00bf%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_MYEZcarMJtbkGn918X-9Q7t-iJA5Q&gpic=UID%3D00000833580fd4fc%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_Mbeqp_qurm1Lw2qRO059dZ5uWhgkg&abxe=1&dt=1656988766658&lmt=1656988766&dlt=1656988764872&idt=1147&biw=1600&bih=1200&adxs=636&adys=1945&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=true&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
fc3098b1038bd0775c25e0de1839ef26063716bae22a95354f9a61425551c1f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11343
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1520103964203497&correlator=2212393373919345&eid=44742767%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fif&gdpr=0&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1200x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=6&adks=1300255713&sfv=1-0-38&ecs=20220705&fsapi=false&cust_params=pubcid%3D6fbe9639-2af9-4a3d-a6d7-495dfdec5ea3&sc=1&cookie=ID%3D1fb775364e7dbffd-22c2cbe4c5cd00bf%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_MYEZcarMJtbkGn918X-9Q7t-iJA5Q&gpic=UID%3D00000833580fd4fc%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_Mbeqp_qurm1Lw2qRO059dZ5uWhgkg&abxe=1&dt=1656988766667&lmt=1656988766&dlt=1656988764872&idt=1147&biw=1600&bih=1200&adxs=315&adys=28&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ad42e83d93190ee8fd75d4e430ffc4449e946cf63908953f83eb1a8901809306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10237
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1520103964203497&correlator=2212393373919345&eid=44742767%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fif&gdpr=0&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=7&adks=841399288&sfv=1-0-38&ecs=20220705&fsapi=false&cust_params=pubcid%3D6fbe9639-2af9-4a3d-a6d7-495dfdec5ea3&sc=1&cookie=ID%3D1fb775364e7dbffd-22c2cbe4c5cd00bf%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_MYEZcarMJtbkGn918X-9Q7t-iJA5Q&gpic=UID%3D00000833580fd4fc%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_Mbeqp_qurm1Lw2qRO059dZ5uWhgkg&abxe=1&dt=1656988766675&lmt=1656988766&dlt=1656988764872&idt=1147&biw=1600&bih=1200&adxs=636&adys=895&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2412e102b54af446e952d05dd3e5890bd0baa7e5987115e166b54d977d9f37e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9558
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 06 Jul 2022 02:39:26 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
18 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1520103964203497&correlator=2212393373919345&eid=44742767%2C42531608&output=ldjh&gdfp_req=1&vrg=2022062701&ptt=17&impl=fif&gdpr=0&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=8&adks=3472914724&sfv=1-0-38&ecs=20220705&fsapi=false&cust_params=pubcid%3D6fbe9639-2af9-4a3d-a6d7-495dfdec5ea3&sc=1&cookie=ID%3D1fb775364e7dbffd-22c2cbe4c5cd00bf%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_MYEZcarMJtbkGn918X-9Q7t-iJA5Q&gpic=UID%3D00000833580fd4fc%3AT%3D1656988765%3ART%3D1656988765%3AS%3DALNI_Mbeqp_qurm1Lw2qRO059dZ5uWhgkg&abxe=1&dt=1656988766924&lmt=1656988766&dlt=1656988764872&idt=1147&biw=1600&bih=1200&adxs=315&adys=2810&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=1145372659.1656988765&ga_sid=1656988765&ga_hid=1152939023&ga_fc=true&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d26cc52139807b8f228d2b56eef13b338eb10b05c9f6b844260b30ffad8fee2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10200
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad-serve
fundingchoicesmessages.google.com/f/AGSKWxWntlWBtbfrGficuachi3m4ChdfoV6AJtsMheEpwMo8QYl_27mBqqVS5e7DZoDORv9NAk3cbRCyr34X_9OQEPJA1jY1_OfAsVRzjB1gp0K3MczpbIORtF2p7CILtOlhMrWjZyokvZKC2YJW_8Q3i7m6y7Fbh...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWntlWBtbfrGficuachi3m4ChdfoV6AJtsMheEpwMo8QYl_27mBqqVS5e7DZoDORv9NAk3cbRCyr34X_9OQEPJA1jY1_OfAsVRzjB1gp0K3MczpbIORtF2p7CILtOlhMrWjZyokvZKC2YJW_8Q3i7m6y7FbhPYHS8dJCkKEKuadOu4IWA5X8Wgn1xMljCO8w9dzvBj3v2CS3m4ZZtpwuF-cCwV0HmZzAo7RwJdArhLLKw==/_/ad-serve?/adspot./reporo_/admedia./adrotator.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f38cb6b8fb33adfdb27f4d65750c7147b9e81df52d80abd22d0ccff3cf1a02e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tvTHJ4tpGC-1pe4gR1KVmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tvTHJ4tpGC-1pe4gR1KVmQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-tvTHJ4tpGC-1pe4gR1KVmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tvTHJ4tpGC-1pe4gR1KVmQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Tue, 05 Jul 2022 02:39:27 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
93 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 22:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 22:32:56 GMT
AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gmVlbtlUTtYc-vfWoZG6AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gmVlbtlUTtYc-vfWoZG6AA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-gmVlbtlUTtYc-vfWoZG6AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gmVlbtlUTtYc-vfWoZG6AA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BB59
6 KB
3 KB
Document
General
Full URL
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Wed, 05 Jul 2023 02:39:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cYbbaLRMyQNRidc8xCkI1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cYbbaLRMyQNRidc8xCkI1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cYbbaLRMyQNRidc8xCkI1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-cYbbaLRMyQNRidc8xCkI1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7_kgq9_FJWccS8jAsgjBww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7_kgq9_FJWccS8jAsgjBww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7_kgq9_FJWccS8jAsgjBww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7_kgq9_FJWccS8jAsgjBww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW60_kqhigPFZOvUraGhKjePFscfqH_gv9j6ZfCu3H5D8qH8X1nlU2Y59u1RpFz71JTu_oDztUpUUaIB7wlhMhcbS70MYqEwiyjy0-8fzVCuYO8menyLMc3K6I9duH_d9ZxTbpeE6ZZ0L_G1AIeJuNYGbLjFRnRt0BSaGb1ZNnyCMDk2GcPqH3L8aQ=
fundingchoicesmessages.google.com/f/
42 KB
16 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW60_kqhigPFZOvUraGhKjePFscfqH_gv9j6ZfCu3H5D8qH8X1nlU2Y59u1RpFz71JTu_oDztUpUUaIB7wlhMhcbS70MYqEwiyjy0-8fzVCuYO8menyLMc3K6I9duH_d9ZxTbpeE6ZZ0L_G1AIeJuNYGbLjFRnRt0BSaGb1ZNnyCMDk2GcPqH3L8aQ=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU2OTg4NzY3LDE0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdWJqZWN0LmNvbS51YS8iLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6c8b4aac5dcdf5143c84aecf95492c462aed75d12ba2ed897417a7d3117d729
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dTM7_FU1_ucAgLOMDbW5nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dTM7_FU1_ucAgLOMDbW5nA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dTM7_FU1_ucAgLOMDbW5nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dTM7_FU1_ucAgLOMDbW5nA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Tue, 05 Jul 2022 02:39:27 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXDp_eakwHPRP3p76v82CHfB_LADtiiJKSwfnPBAqAFI_HjBEZS14cyB9l-bCF34iSjaMY54KlYG3oH7rxY7DoOuwojGi6bVrgbDW0jieR3U0-lr867dWvBV-kwFHbS4uKWRa-tSdRBYQ7zcJYGiSS78qZjlTH8VtQEaq2aFKeMIxRpUhJj8WhTxu4=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_GB.9h1biNLw_Es.es5.O/d=1/rs=AJlcJMzVIFzX61r_AE1xaIXECKGvlhhxZg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bWWSbUX2hk3ommi-txHnbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bWWSbUX2hk3ommi-txHnbA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bWWSbUX2hk3ommi-txHnbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bWWSbUX2hk3ommi-txHnbA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:27 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=9&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=931449330
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac59bf2ef1bcff84c51376f56f9a50de1e13f10525ffa8f2864c30b077e11e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41906
x-jsd-version
1.0.1392
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA, cache-itm18843-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"668-IFvMYUAOsllzUO6ZFQRl0JmnUfg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O93vVDa%2BKnd3%2FEzLgBAOoIFqfySCWNk67Qyln2mRiPaMu7%2BLA1JD6E9fVh%2BNV1%2BFzIMBeQv4JyApvGZ%2FuHCcekba7pSM0Yx6Q7kyUr8lR6sKHL3XFo%2B4qjQkw8KiunDPzRRsJAXpk37KW7%2FjJfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
725cbaf34bab0635-LHR
access-control-expose-headers
*
ads
pubads.g.doubleclick.net/gampad/ Frame 013C
156 B
523 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22587791099%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_subject_v_pre_1v&description_url=https%3A%2F%2Fsubject.com.ua%2F&tfcd=0&npa=0&correlator=140750531789232&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fsubject.com.ua%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26medianet_ebda%3Dtrue%26openx_ebda%3Dtrue%26rubicon_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.520.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&gdpr=0&sdki=44d&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.520.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Ff2982a04-1d58-443f-92d2-f1a0fd5f109d&sid=188AC43A-026F-4617-A6BA-D7AC0CFA2ACB&nel=0&eid=44754420%2C44760950%2C44761692%2C44762904&dlt=1656988764872&idt=1541&dt=1656988767208&cookie=ID%3D1fb775364e7dbffd%3AT%3D1656988765%3AS%3DALNI_MZchJsKGDgj5ZW6IaBSbjluH3n0qQ&scor=213034527427985&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxXCY5tpa-ikCitSRZ5AGzGVNuNQSqvIYZlkVNIVHxosi1VXfQ5qU4P3qGCPelDu-7UGZ1HwhnOXRR1Kju_E3jMmUCeAT9u-y8xOeCiMKZem1TPrsrtMrLf8pi30pmgTNPNKnjGQuHb1339xqr62vZJDfeL69RzqXx2xN32237JfMgEttcy59ZblcTY=
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXCY5tpa-ikCitSRZ5AGzGVNuNQSqvIYZlkVNIVHxosi1VXfQ5qU4P3qGCPelDu-7UGZ1HwhnOXRR1Kju_E3jMmUCeAT9u-y8xOeCiMKZem1TPrsrtMrLf8pi30pmgTNPNKnjGQuHb1339xqr62vZJDfeL69RzqXx2xN32237JfMgEttcy59ZblcTY=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_GB.b760e7AB1yg.es5.O/d=1/rs=AJlcJMywqDO_ayBqIJMVjJ1aJs5m6K32IA/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KqvML0svcPPULJHKCpifVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KqvML0svcPPULJHKCpifVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KqvML0svcPPULJHKCpifVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KqvML0svcPPULJHKCpifVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXCY5tpa-ikCitSRZ5AGzGVNuNQSqvIYZlkVNIVHxosi1VXfQ5qU4P3qGCPelDu-7UGZ1HwhnOXRR1Kju_E3jMmUCeAT9u-y8xOeCiMKZem1TPrsrtMrLf8pi30pmgTNPNKnjGQuHb1339xqr62vZJDfeL69RzqXx2xN32237JfMgEttcy59ZblcTY=
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXCY5tpa-ikCitSRZ5AGzGVNuNQSqvIYZlkVNIVHxosi1VXfQ5qU4P3qGCPelDu-7UGZ1HwhnOXRR1Kju_E3jMmUCeAT9u-y8xOeCiMKZem1TPrsrtMrLf8pi30pmgTNPNKnjGQuHb1339xqr62vZJDfeL69RzqXx2xN32237JfMgEttcy59ZblcTY=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_GB.b760e7AB1yg.es5.O/d=1/rs=AJlcJMywqDO_ayBqIJMVjJ1aJs5m6K32IA/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YnjUv9HorMn__mnrz5G-YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YnjUv9HorMn__mnrz5G-YA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-YnjUv9HorMn__mnrz5G-YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YnjUv9HorMn__mnrz5G-YA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 66B8
645 B
306 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQvNLfAhj39cO7ATAB&v=APEucNWBrlJhMh08vLaO9igxB1YoesnShOm73jPokpWRb-6HCjRwK5ZVGjYCWwAj2UdibeO54kjwz1voQiX7knqjNGpd6YnizahCZy9-aUP4N8srTmX3R5c
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BB59
84 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aq2J6VlQZmm_aEhbiRriABHmtk5Pxk89_3JOlGx8fh1ZAQxVg8QayiiCKBDOOmiBy_PLjY_Eix7GrQF2ZIaJVnE3vY9N2D0Z8mPdW0qYYKmw75nJyeKmbtKqvB133V1JcDTy3WkZ3OHVH9ubDxOh2N2ZbHig&dbm_d=AKAmf-AwzG7Boz_tqoqM81xTBgSJo9H5Y61MKnnyQbhbZcq4EBNg9yQJSTqnQXqjvob-ZNHjEsOfECOxHLsncXaueII4RQDl58vOpBAwDejF-QsFwmz9G-LMtBlopbbIdXqbTW68PNlRUfcaqjiAay3KQkxx_GnWz2MhLk1toLvmENDYt5_V10sN358yTvdhfNOKVzkIwW0I9CceHWnTYM_7olKB4Nbb4wu1Tn5ouLc3tmJHUPf3BaWssdgNtNWY0j73dUSymCPfpJFvCfbXA-YTu8_mWocRkiaIR_nP3XE-_wrh2K7o8l0KrHthaaFKJEbLRIFZ55muM61lBcw08QHVhJ9HgpUtIA5A2-NTDFGqvy90emqFv5rZ4KcJgQFxlYFnar-6NPhdirx0uLKq2i8yM42aS_A-Y3HAhRrAp7N-53sKa0BMDNGIKk90_Dte-TnBJh-dcLEPuAyf6p7ZClO6SzHNJebqFCBbnECpblLyibwfbKRaYUguYlmmTvePZJn4sTTuyaTqq7509SGLzd9pAYob5UbVk_H_eSMPUqwKF9a8TV1-TSbnQxXhMlpG2CEWP0ZqWMmVRG7Q03uvsaWPoqJh9sFvtDDscaXAcKeDM4MNN0nXMCFbzZvN2jtn_rePsXwkitc6eHHGJ6TCLbdyz8iShAl5wuorOBwOFp_kvqbh2HO7GHvAlLVzkFaWU-n4AhJYt1NCyZBj8lyiXQHh3uU8daUsVHuSyoejWbXyvzlvYjcz7SdYt2aHAj7usqNubYD140Ivs6K0RSeD1JNc0g9tL7z1GcM2mc5leMtuP30HbBsAhOw748KOdjsNN1nYhecrznRh1rLuW9pq6SoE_v75z-J-jGxTH5NNhJLOFAqxsPKTdLGOpRJJvRSKiV6nwh6gPKy7gqCqdCsqPXXPtIbc_8GKmXpF3C70JGa73tc1jLIuHlpvo_aizEkRrubdqzK-HBjI-9zGnBUbBXmprqlxnD_OzCrCeYLQe_0_97yUa7Mk7WTj7t8OAjeSJbX7x4qP3F-UPVM8Z92xzyPWjV8VZd_GR89PNwhZ8YpRyaCKwLn5OZ0PV_HC2c61RSRZi3lVTKO3dhxkr0hJvF5fKbulNiKZ-1qJRSynTtOoUYW3NXLbOKIPFR5nNxCeti7yLO9IYiXOUiJbyQq1EgTBFZVD6oxgJusI0Cngfl-xi8LAvmR7pCvtqFbVM7Reqp93t-i54fXLtCTMmdKvrNs4GJHchJcKSjFntFyOuIvUtn3-mdA86zYrG5Q2UK1MN-d-5-2pTaQBWktFaPiZw__1YhtSd6Kv0qV496ieBbXl2DmfbMohpquCP5XN7M_PegW1ALgSebi83P4cF97mkbJBP0HhtMWWGr--JDnePXYB2Qm-F31vRMAKks5j0p66TP1ZW2Y7JQ_rktnL349HQj8YqszpCDlIigyWsRTBw65Ee2vbnJJI0eNeFMPwkzYVWNgX8EALCe-biEvb7SyMak7zyJJAYOLVhYLLcD6HlHVL4Z5LmmKPqZRMDbQ_fjjMvAA28wCGxPAX1fAHYfKH5q2WJJG-ubhd2UunR-XFQLfpvctOL7BLB1TTL6ZbiMF_Y6xWZYnGqYP0WBUFo4Dc10qef8AAjUJx7Fheg3xIEkMDu90GfElR3AFNWF9QEDfs8XD0SWfcizs4ytBuIzWzCeQ3__zKDbSiraFEpE3sBhhyKY9WR1YHWwVCKR0qCzzaC-IFLroYyyGXORrdnlaBbalvdZ8UA0tcu4XBQi4_M-5a0mrD2c34KGZFf_CW99z0DfMtDG94JW02_AaCzW6pDSuA4f6m47uRfdV4uORa-CHwDqqJ7ZINTwgQXAfaa8WOsSvLf8s6dZwDt15g1Aw_CaE_OkxXlOKPJPqlOruoQz4y5AtY_vthOWv8t7i8R3Z-G4RXYfACTAbYT2o9w2cCQb8oTCnzzOkZ5eHF85zgkZZc5mgWaLGr1a-nvDVK3m0fzb19xI2avKLUbSV4OYX0XQDxkLRRWDq_IfwJCZ35BiyyphgspmWHbHg6nFtaxfowR5TmCt3WOhjy4O9vk0VjMF7Hi8q0EuEf5yO5uS5H800rOq4Eu6n8u3TCTwuLPTpZwkmvHNvSc9XiGiS15hDXNAzsDeFjrV-BwAsTCe9jiW6na9cjlbCvwUMxEWYOiU-H31pIAQHOdf4Mg8uTjHExiw2bdinPg2XJcAWlE_qnZ9uSZqjTORNwnl3yuOu4Uoyg7MbMr5VsfGisfXXJE2szJO6ZfYcORD621HfHUaOb8tPRSfGGHbH2TB7o5bWtPITeyaLVvtywXnZoNFH0YCDw2RSQ58cPmJTyNTfWrEWwz9yPXcj1oSr458JSttD3597zTbOcmHTiEWl1vlEl-lDCbqN5_G0eP_ZOIPeGoEdRuYhHX5jSp_O7AHQ-s5IceaeYQlW9QOL5bTJbIMRob3GdirfTWgzrENXnM3DUgcLHjR8GWaaLn3oB-YwTGHWypazldi4KXBa4nCgdL6zg7xzCtEpGz74M3EiPX-AbdRRjiy_GpDWdx9g05DqKwBrbak2dVRxYMYrJWnj8ZcNGaPn0__dXutV4NkmibG2Ceu3cNt-s1x5uLvO-tMQrSRqM4r96VdKv2SevLHXg6q1fiHOcKwWkGhyIXGswovarN_Gz8CeiDX1jfACZ80C1umpttnRQfiRefqeOi9CJJF3mWb8xT_CbieFR50jXsxgduwjvMMF2AubnLkDDjuU8aqGisOm93YqEbMTs3w3Nta7AnAbJsTKb_yUqExWZAUACqckcdmCAzumn7px__7sb16YbZ1KoVUsFJ0JiDsIyLsSS9FFRwLwb5XXs8o4j6bKX6lpxQTotR8lu0vH9gNWcjkgij4DgbnnPAucLdXpU9c_2pa5nHdobraY_pZDFgYD4rq2SFN4hVAI1tTR2jZ2Dbt9lBLmjxzq_A5tRutpYKR47oq7mrBgThQ1Jf4ElDXmfqzfgXDw8EaRPYMpZ5XhCLcVhRwHOWQpld3j95U-OYn3nWoBcZyK8YxUAPVI4KYi4Caw4DIlpsk2XF_gQSJQRJeCHFO4kQOKM6PueJQfydOExUkZ-tJuNfl13pSXu_YRNSO8jLlwZSwvlLQPr0LQq8Rh8m4SjMLjjReitHHkpWiTX6uj0GlUbfS7iVEoHyGhR9AsKasX2KAW8hQaWqn4JWt86To1uV6uNhYa13WzJl3PFLXsAk_mb3k6qypdGRx8Bw6ZOsYQZr0gPnUccJ5wWQI5-yjP2z_NVf5HJyD8Onb9iZcwMGNnOrPzL4HabpPlgur1aPDlYwsqQ7Om-brGK3Pc1WO-kNf9N9vk3rNP_a3SFgHpakzKhRjIAGrebnCtjwE62yu13KOMDa9eqaWh3MNCvGmdMQwNZOm8P-QAA&cid=CAASJORoadDI4kbdQMJV6HCnifV_-JPiStsYCuTn9lc6GSJ_0CoTMw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32d799564052a88013ec97af2ac28cb5b5132d00c62fa3acd8a4732e7ddede24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34852
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB59
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCYfmpa0UiJ2tY0i2Q08OTm6L3gQq-yhE3QCwhaoxIoCriJcIzMUXVikaEIqV8-192ymeDVtKr0ZCZSEnhpRf3eNoAbxGCrk--BEILKJF_BGSoMWY
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame BB59
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=930701&advId=5761340&campId=49720581&pubId=1&placementId=393280247&adsafe_par&bundleId=&dealId=&bidurl=https://subject.com.ua/
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.241.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-241-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9472cd52932b3f1b59130879dcee9dec0795ff30da99d22c3fb708086705f116

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BB59
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB59
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BB59
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 01:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2863
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 01:51:44 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=timing&_s=10&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=subject&utt=1316&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=1424000424
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 66B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0
43 B
914 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQvNLfAhj39cO7ATAB&v=APEucNWBrlJhMh08vLaO9igxB1YoesnShOm73jPokpWRb-6HCjRwK5ZVGjYCWwAj2UdibeO54kjwz1voQiX7knqjNGpd6YnizahCZy9-aUP4N8srTmX3R5c
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbaf449e9774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTWONw9Bog6Vafhbv2mpOPJcoR8l%2BrWOWGpSjnVlALO5i9GggJDq0S%2BrRLHzXeWk8zdSb%2BR1Mg8j6vOuz0S%2BN1QTJZS1Mhm4NaD8LvC%2BBBSMnyF9SP0Grpvp%2FG6tuccfkLaOnCYgJg%2F37g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 66B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsOkXqZha.1iGFYS-EfDlAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0&google_hm=2
43 B
910 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQvNLfAhj39cO7ATAB&v=APEucNWBrlJhMh08vLaO9igxB1YoesnShOm73jPokpWRb-6HCjRwK5ZVGjYCWwAj2UdibeO54kjwz1voQiX7knqjNGpd6YnizahCZy9-aUP4N8srTmX3R5c
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbaf8ef84774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6NS5X6HDeRy65pb4vJcyWYL%2FdcJlNmVugFB0peagyj3s8UfbZu%2B3n9jkvvwqAJpIWO2%2BNVgFw%2Bo4N47Vj2wBeK9oE4Pg6gCUw1mpXSJfQt12AVzQEh1tefCq102%2BAgnzGnzsDZceQULBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAb11kvJe9n9xRHVqUtKm-s&google_cver=1&gdpr=0&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 66B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEM9SQn_PRtzvJte6QGedQlk&google_cver=1
43 B
1014 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEM9SQn_PRtzvJte6QGedQlk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQvNLfAhj39cO7ATAB&v=APEucNWBrlJhMh08vLaO9igxB1YoesnShOm73jPokpWRb-6HCjRwK5ZVGjYCWwAj2UdibeO54kjwz1voQiX7knqjNGpd6YnizahCZy9-aUP4N8srTmX3R5c
Protocol
HTTP/1.1
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:27 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9f77251e-b39c-440e-9651-c9052a85d434
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEM9SQn_PRtzvJte6QGedQlk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 66B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQvNLfAhj39cO7ATAB&v=APEucNWBrlJhMh08vLaO9igxB1YoesnShOm73jPokpWRb-6HCjRwK5ZVGjYCWwAj2UdibeO54kjwz1voQiX7knqjNGpd6YnizahCZy9-aUP4N8srTmX3R5c
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:27 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
951e92f9-fd54-4d06-9fce-b7aaa61cc1d3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzMjU4NDQzNjYwNjU5OTUyNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/
576 KB
577 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
1267053f2b37e1929526550215621883787b4a2250a27c8655df8d43a9ca99ba

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=582612-1172743

Response headers

Date
Tue, 05 Jul 2022 02:39:27 GMT
Last-Modified
Fri, 26 Nov 2021 05:10:16 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"61a06c38-1cb3c944"
Content-Type
video/mp2t
Content-Range
bytes 582612-1172743/481544516
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
590132
Expires
Wed, 05 Jul 2023 02:39:27 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 05 Jul 2022 02:39:27 GMT
Expires
Wed, 05 Jul 2023 02:39:27 GMT
Server
nginx/1.16.1
container.html
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7755
6 KB
3 KB
Document
General
Full URL
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Wed, 05 Jul 2023 02:39:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E2B4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvGYzyqvb8V1WV9pyaMwEtwdsYT9Kgsfz9lZ4iCx3P1Ihz1uTUut_rp-qp1I899x4IvJEG_Tf8HI41f91H8m2sqYww0unLWAWgCk3neHMdSGeMtwFZP86PGG69Ujn5kb_Z4to&sai=AMfl-YS5fOlikZ0Yt7HTeoC0R0HAEvPgxzEVD35corReIch1Oh9VOMm-lipk9lufZPFFQHsxVyb27QLPG7qr&sig=Cg0ArKJSzFf46m8tZhYhEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=91,770,1001,1064,1064&tos=91,679,231,63,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656988766072&rpt=223&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BB59
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Origin
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Jul 2022 19:43:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame BB59
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aq2J6VlQZmm_aEhbiRriABHmtk5Pxk89_3JOlGx8fh1ZAQxVg8QayiiCKBDOOmiBy_PLjY_Eix7GrQF2ZIaJVnE3vY9N2D0Z8mPdW0qYYKmw75nJyeKmbtKqvB133V1JcDTy3WkZ3OHVH9ubDxOh2N2ZbHig&dbm_d=AKAmf-AwzG7Boz_tqoqM81xTBgSJo9H5Y61MKnnyQbhbZcq4EBNg9yQJSTqnQXqjvob-ZNHjEsOfECOxHLsncXaueII4RQDl58vOpBAwDejF-QsFwmz9G-LMtBlopbbIdXqbTW68PNlRUfcaqjiAay3KQkxx_GnWz2MhLk1toLvmENDYt5_V10sN358yTvdhfNOKVzkIwW0I9CceHWnTYM_7olKB4Nbb4wu1Tn5ouLc3tmJHUPf3BaWssdgNtNWY0j73dUSymCPfpJFvCfbXA-YTu8_mWocRkiaIR_nP3XE-_wrh2K7o8l0KrHthaaFKJEbLRIFZ55muM61lBcw08QHVhJ9HgpUtIA5A2-NTDFGqvy90emqFv5rZ4KcJgQFxlYFnar-6NPhdirx0uLKq2i8yM42aS_A-Y3HAhRrAp7N-53sKa0BMDNGIKk90_Dte-TnBJh-dcLEPuAyf6p7ZClO6SzHNJebqFCBbnECpblLyibwfbKRaYUguYlmmTvePZJn4sTTuyaTqq7509SGLzd9pAYob5UbVk_H_eSMPUqwKF9a8TV1-TSbnQxXhMlpG2CEWP0ZqWMmVRG7Q03uvsaWPoqJh9sFvtDDscaXAcKeDM4MNN0nXMCFbzZvN2jtn_rePsXwkitc6eHHGJ6TCLbdyz8iShAl5wuorOBwOFp_kvqbh2HO7GHvAlLVzkFaWU-n4AhJYt1NCyZBj8lyiXQHh3uU8daUsVHuSyoejWbXyvzlvYjcz7SdYt2aHAj7usqNubYD140Ivs6K0RSeD1JNc0g9tL7z1GcM2mc5leMtuP30HbBsAhOw748KOdjsNN1nYhecrznRh1rLuW9pq6SoE_v75z-J-jGxTH5NNhJLOFAqxsPKTdLGOpRJJvRSKiV6nwh6gPKy7gqCqdCsqPXXPtIbc_8GKmXpF3C70JGa73tc1jLIuHlpvo_aizEkRrubdqzK-HBjI-9zGnBUbBXmprqlxnD_OzCrCeYLQe_0_97yUa7Mk7WTj7t8OAjeSJbX7x4qP3F-UPVM8Z92xzyPWjV8VZd_GR89PNwhZ8YpRyaCKwLn5OZ0PV_HC2c61RSRZi3lVTKO3dhxkr0hJvF5fKbulNiKZ-1qJRSynTtOoUYW3NXLbOKIPFR5nNxCeti7yLO9IYiXOUiJbyQq1EgTBFZVD6oxgJusI0Cngfl-xi8LAvmR7pCvtqFbVM7Reqp93t-i54fXLtCTMmdKvrNs4GJHchJcKSjFntFyOuIvUtn3-mdA86zYrG5Q2UK1MN-d-5-2pTaQBWktFaPiZw__1YhtSd6Kv0qV496ieBbXl2DmfbMohpquCP5XN7M_PegW1ALgSebi83P4cF97mkbJBP0HhtMWWGr--JDnePXYB2Qm-F31vRMAKks5j0p66TP1ZW2Y7JQ_rktnL349HQj8YqszpCDlIigyWsRTBw65Ee2vbnJJI0eNeFMPwkzYVWNgX8EALCe-biEvb7SyMak7zyJJAYOLVhYLLcD6HlHVL4Z5LmmKPqZRMDbQ_fjjMvAA28wCGxPAX1fAHYfKH5q2WJJG-ubhd2UunR-XFQLfpvctOL7BLB1TTL6ZbiMF_Y6xWZYnGqYP0WBUFo4Dc10qef8AAjUJx7Fheg3xIEkMDu90GfElR3AFNWF9QEDfs8XD0SWfcizs4ytBuIzWzCeQ3__zKDbSiraFEpE3sBhhyKY9WR1YHWwVCKR0qCzzaC-IFLroYyyGXORrdnlaBbalvdZ8UA0tcu4XBQi4_M-5a0mrD2c34KGZFf_CW99z0DfMtDG94JW02_AaCzW6pDSuA4f6m47uRfdV4uORa-CHwDqqJ7ZINTwgQXAfaa8WOsSvLf8s6dZwDt15g1Aw_CaE_OkxXlOKPJPqlOruoQz4y5AtY_vthOWv8t7i8R3Z-G4RXYfACTAbYT2o9w2cCQb8oTCnzzOkZ5eHF85zgkZZc5mgWaLGr1a-nvDVK3m0fzb19xI2avKLUbSV4OYX0XQDxkLRRWDq_IfwJCZ35BiyyphgspmWHbHg6nFtaxfowR5TmCt3WOhjy4O9vk0VjMF7Hi8q0EuEf5yO5uS5H800rOq4Eu6n8u3TCTwuLPTpZwkmvHNvSc9XiGiS15hDXNAzsDeFjrV-BwAsTCe9jiW6na9cjlbCvwUMxEWYOiU-H31pIAQHOdf4Mg8uTjHExiw2bdinPg2XJcAWlE_qnZ9uSZqjTORNwnl3yuOu4Uoyg7MbMr5VsfGisfXXJE2szJO6ZfYcORD621HfHUaOb8tPRSfGGHbH2TB7o5bWtPITeyaLVvtywXnZoNFH0YCDw2RSQ58cPmJTyNTfWrEWwz9yPXcj1oSr458JSttD3597zTbOcmHTiEWl1vlEl-lDCbqN5_G0eP_ZOIPeGoEdRuYhHX5jSp_O7AHQ-s5IceaeYQlW9QOL5bTJbIMRob3GdirfTWgzrENXnM3DUgcLHjR8GWaaLn3oB-YwTGHWypazldi4KXBa4nCgdL6zg7xzCtEpGz74M3EiPX-AbdRRjiy_GpDWdx9g05DqKwBrbak2dVRxYMYrJWnj8ZcNGaPn0__dXutV4NkmibG2Ceu3cNt-s1x5uLvO-tMQrSRqM4r96VdKv2SevLHXg6q1fiHOcKwWkGhyIXGswovarN_Gz8CeiDX1jfACZ80C1umpttnRQfiRefqeOi9CJJF3mWb8xT_CbieFR50jXsxgduwjvMMF2AubnLkDDjuU8aqGisOm93YqEbMTs3w3Nta7AnAbJsTKb_yUqExWZAUACqckcdmCAzumn7px__7sb16YbZ1KoVUsFJ0JiDsIyLsSS9FFRwLwb5XXs8o4j6bKX6lpxQTotR8lu0vH9gNWcjkgij4DgbnnPAucLdXpU9c_2pa5nHdobraY_pZDFgYD4rq2SFN4hVAI1tTR2jZ2Dbt9lBLmjxzq_A5tRutpYKR47oq7mrBgThQ1Jf4ElDXmfqzfgXDw8EaRPYMpZ5XhCLcVhRwHOWQpld3j95U-OYn3nWoBcZyK8YxUAPVI4KYi4Caw4DIlpsk2XF_gQSJQRJeCHFO4kQOKM6PueJQfydOExUkZ-tJuNfl13pSXu_YRNSO8jLlwZSwvlLQPr0LQq8Rh8m4SjMLjjReitHHkpWiTX6uj0GlUbfS7iVEoHyGhR9AsKasX2KAW8hQaWqn4JWt86To1uV6uNhYa13WzJl3PFLXsAk_mb3k6qypdGRx8Bw6ZOsYQZr0gPnUccJ5wWQI5-yjP2z_NVf5HJyD8Onb9iZcwMGNnOrPzL4HabpPlgur1aPDlYwsqQ7Om-brGK3Pc1WO-kNf9N9vk3rNP_a3SFgHpakzKhRjIAGrebnCtjwE62yu13KOMDa9eqaWh3MNCvGmdMQwNZOm8P-QAA&cid=CAASJORoadDI4kbdQMJV6HCnifV_-JPiStsYCuTn9lc6GSJ_0CoTMw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 19:43:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame BB59
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aq2J6VlQZmm_aEhbiRriABHmtk5Pxk89_3JOlGx8fh1ZAQxVg8QayiiCKBDOOmiBy_PLjY_Eix7GrQF2ZIaJVnE3vY9N2D0Z8mPdW0qYYKmw75nJyeKmbtKqvB133V1JcDTy3WkZ3OHVH9ubDxOh2N2ZbHig&dbm_d=AKAmf-AwzG7Boz_tqoqM81xTBgSJo9H5Y61MKnnyQbhbZcq4EBNg9yQJSTqnQXqjvob-ZNHjEsOfECOxHLsncXaueII4RQDl58vOpBAwDejF-QsFwmz9G-LMtBlopbbIdXqbTW68PNlRUfcaqjiAay3KQkxx_GnWz2MhLk1toLvmENDYt5_V10sN358yTvdhfNOKVzkIwW0I9CceHWnTYM_7olKB4Nbb4wu1Tn5ouLc3tmJHUPf3BaWssdgNtNWY0j73dUSymCPfpJFvCfbXA-YTu8_mWocRkiaIR_nP3XE-_wrh2K7o8l0KrHthaaFKJEbLRIFZ55muM61lBcw08QHVhJ9HgpUtIA5A2-NTDFGqvy90emqFv5rZ4KcJgQFxlYFnar-6NPhdirx0uLKq2i8yM42aS_A-Y3HAhRrAp7N-53sKa0BMDNGIKk90_Dte-TnBJh-dcLEPuAyf6p7ZClO6SzHNJebqFCBbnECpblLyibwfbKRaYUguYlmmTvePZJn4sTTuyaTqq7509SGLzd9pAYob5UbVk_H_eSMPUqwKF9a8TV1-TSbnQxXhMlpG2CEWP0ZqWMmVRG7Q03uvsaWPoqJh9sFvtDDscaXAcKeDM4MNN0nXMCFbzZvN2jtn_rePsXwkitc6eHHGJ6TCLbdyz8iShAl5wuorOBwOFp_kvqbh2HO7GHvAlLVzkFaWU-n4AhJYt1NCyZBj8lyiXQHh3uU8daUsVHuSyoejWbXyvzlvYjcz7SdYt2aHAj7usqNubYD140Ivs6K0RSeD1JNc0g9tL7z1GcM2mc5leMtuP30HbBsAhOw748KOdjsNN1nYhecrznRh1rLuW9pq6SoE_v75z-J-jGxTH5NNhJLOFAqxsPKTdLGOpRJJvRSKiV6nwh6gPKy7gqCqdCsqPXXPtIbc_8GKmXpF3C70JGa73tc1jLIuHlpvo_aizEkRrubdqzK-HBjI-9zGnBUbBXmprqlxnD_OzCrCeYLQe_0_97yUa7Mk7WTj7t8OAjeSJbX7x4qP3F-UPVM8Z92xzyPWjV8VZd_GR89PNwhZ8YpRyaCKwLn5OZ0PV_HC2c61RSRZi3lVTKO3dhxkr0hJvF5fKbulNiKZ-1qJRSynTtOoUYW3NXLbOKIPFR5nNxCeti7yLO9IYiXOUiJbyQq1EgTBFZVD6oxgJusI0Cngfl-xi8LAvmR7pCvtqFbVM7Reqp93t-i54fXLtCTMmdKvrNs4GJHchJcKSjFntFyOuIvUtn3-mdA86zYrG5Q2UK1MN-d-5-2pTaQBWktFaPiZw__1YhtSd6Kv0qV496ieBbXl2DmfbMohpquCP5XN7M_PegW1ALgSebi83P4cF97mkbJBP0HhtMWWGr--JDnePXYB2Qm-F31vRMAKks5j0p66TP1ZW2Y7JQ_rktnL349HQj8YqszpCDlIigyWsRTBw65Ee2vbnJJI0eNeFMPwkzYVWNgX8EALCe-biEvb7SyMak7zyJJAYOLVhYLLcD6HlHVL4Z5LmmKPqZRMDbQ_fjjMvAA28wCGxPAX1fAHYfKH5q2WJJG-ubhd2UunR-XFQLfpvctOL7BLB1TTL6ZbiMF_Y6xWZYnGqYP0WBUFo4Dc10qef8AAjUJx7Fheg3xIEkMDu90GfElR3AFNWF9QEDfs8XD0SWfcizs4ytBuIzWzCeQ3__zKDbSiraFEpE3sBhhyKY9WR1YHWwVCKR0qCzzaC-IFLroYyyGXORrdnlaBbalvdZ8UA0tcu4XBQi4_M-5a0mrD2c34KGZFf_CW99z0DfMtDG94JW02_AaCzW6pDSuA4f6m47uRfdV4uORa-CHwDqqJ7ZINTwgQXAfaa8WOsSvLf8s6dZwDt15g1Aw_CaE_OkxXlOKPJPqlOruoQz4y5AtY_vthOWv8t7i8R3Z-G4RXYfACTAbYT2o9w2cCQb8oTCnzzOkZ5eHF85zgkZZc5mgWaLGr1a-nvDVK3m0fzb19xI2avKLUbSV4OYX0XQDxkLRRWDq_IfwJCZ35BiyyphgspmWHbHg6nFtaxfowR5TmCt3WOhjy4O9vk0VjMF7Hi8q0EuEf5yO5uS5H800rOq4Eu6n8u3TCTwuLPTpZwkmvHNvSc9XiGiS15hDXNAzsDeFjrV-BwAsTCe9jiW6na9cjlbCvwUMxEWYOiU-H31pIAQHOdf4Mg8uTjHExiw2bdinPg2XJcAWlE_qnZ9uSZqjTORNwnl3yuOu4Uoyg7MbMr5VsfGisfXXJE2szJO6ZfYcORD621HfHUaOb8tPRSfGGHbH2TB7o5bWtPITeyaLVvtywXnZoNFH0YCDw2RSQ58cPmJTyNTfWrEWwz9yPXcj1oSr458JSttD3597zTbOcmHTiEWl1vlEl-lDCbqN5_G0eP_ZOIPeGoEdRuYhHX5jSp_O7AHQ-s5IceaeYQlW9QOL5bTJbIMRob3GdirfTWgzrENXnM3DUgcLHjR8GWaaLn3oB-YwTGHWypazldi4KXBa4nCgdL6zg7xzCtEpGz74M3EiPX-AbdRRjiy_GpDWdx9g05DqKwBrbak2dVRxYMYrJWnj8ZcNGaPn0__dXutV4NkmibG2Ceu3cNt-s1x5uLvO-tMQrSRqM4r96VdKv2SevLHXg6q1fiHOcKwWkGhyIXGswovarN_Gz8CeiDX1jfACZ80C1umpttnRQfiRefqeOi9CJJF3mWb8xT_CbieFR50jXsxgduwjvMMF2AubnLkDDjuU8aqGisOm93YqEbMTs3w3Nta7AnAbJsTKb_yUqExWZAUACqckcdmCAzumn7px__7sb16YbZ1KoVUsFJ0JiDsIyLsSS9FFRwLwb5XXs8o4j6bKX6lpxQTotR8lu0vH9gNWcjkgij4DgbnnPAucLdXpU9c_2pa5nHdobraY_pZDFgYD4rq2SFN4hVAI1tTR2jZ2Dbt9lBLmjxzq_A5tRutpYKR47oq7mrBgThQ1Jf4ElDXmfqzfgXDw8EaRPYMpZ5XhCLcVhRwHOWQpld3j95U-OYn3nWoBcZyK8YxUAPVI4KYi4Caw4DIlpsk2XF_gQSJQRJeCHFO4kQOKM6PueJQfydOExUkZ-tJuNfl13pSXu_YRNSO8jLlwZSwvlLQPr0LQq8Rh8m4SjMLjjReitHHkpWiTX6uj0GlUbfS7iVEoHyGhR9AsKasX2KAW8hQaWqn4JWt86To1uV6uNhYa13WzJl3PFLXsAk_mb3k6qypdGRx8Bw6ZOsYQZr0gPnUccJ5wWQI5-yjP2z_NVf5HJyD8Onb9iZcwMGNnOrPzL4HabpPlgur1aPDlYwsqQ7Om-brGK3Pc1WO-kNf9N9vk3rNP_a3SFgHpakzKhRjIAGrebnCtjwE62yu13KOMDa9eqaWh3MNCvGmdMQwNZOm8P-QAA&cid=CAASJORoadDI4kbdQMJV6HCnifV_-JPiStsYCuTn9lc6GSJ_0CoTMw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:30:57 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7755
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPHZwX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPQBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XQD9VKD74fTDD71TZiFceF9jmfg3zhPP5_jf-wKrKwdBWhwVCnBV-AEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=ks4Zbh3AUz8&uach_m=[UACH]&cid=CAQSOwCNIrLMvkmyR4BSa5-Pqj2iwCgZR2DrktobARVHflr5d08BsqP1XSRVDoY9HWN8quEgvJroPXEFpkesGAE
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7755
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEsG9E8QEkAOH-lcYAgAAAMF8aGkvy7OOEF6kw2IIgZe73VBLEUoSywASAAA&wp=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
server
Kestrel
server-processing-duration-in-ticks
365264
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 93D1
141 KB
48 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2a6013662acabfedbe9e84ddcf9d8569dd9a31dae23ab5f80c18ae0650929fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Jntgi-4CXXGRBJ0GJJv5ZVo4v6RYlyIcfVpO0hNfq6uhydSSJbYXT2nHjBJgjL13XYB_ML0I1gGZ6KCVLcVyLE9hTjQIgeAd2R9sc6pYDtJlHv8wupRhRQWNJArWbzw6i0-uDveeoD_fTV1_7yvrWwrdO6vm9UdpG8QKIjB2elhU_kTVvGKeg3zaJZ6Pvl8FX8ljjMInRIl-o8oM6AQ0PXQV_Cn_gSWWeUhUOvUMQqtaX4_opnbohcRAfquDlcHMxPAg7A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
94085717
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7755
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:25:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AC0C
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
47595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7755
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7755
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 01:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2863
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 01:51:44 GMT
l
www.google.com/ads/measurement/ Frame 7755
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2-KjH928Ye63l6cvfj_BHDbcbWvhzanY1o5k8LDf0N-02NCpiv-dkXbeXim_sTgmo_l9uK6bQiji4eMOu1EnWRE4rpA
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7755
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jul 2023 07:46:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BB59
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 11:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 11:50:18 GMT
pixel
cm.g.doubleclick.net/ Frame AC0C
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFF6gxhJbD4LLWx3ddvVLdM&google_cver=1&google_push=ARnp8GB4w8JrCTDjpInIcrqjTuiQs98uq7AnbnJ_0QmxTlL8_txbS_Bl0b6hgzUsZvRwZUJHs0a33z9gOKu...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GB4w8JrCTDjpInIcrqjTuiQs98uq7AnbnJ_0QmxTlL8_txbS_Bl0b6hgzUsZvRwZUJHs0a33z9gOKubWbDkGmyAVLp_J8KO
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GB4w8JrCTDjpInIcrqjTuiQs98uq7AnbnJ_0QmxTlL8_txbS_Bl0b6hgzUsZvRwZUJHs0a33z9gOKubWbDkGmyAVLp_J8KO
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GB4w8JrCTDjpInIcrqjTuiQs98uq7AnbnJ_0QmxTlL8_txbS_Bl0b6hgzUsZvRwZUJHs0a33z9gOKubWbDkGmyAVLp_J8KO
Date
Tue, 05 Jul 2022 02:39:27 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame AC0C
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEDKxe7Ktv0g8kmDCelPuhn4&google_cver=1&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEDKxe7Ktv0g8kmDCelPuhn4&google_cver=1&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD&...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD&google_hm=wgy_yjbgb6oAAikABlGBzDo...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD&google_hm=wgy_yjbgb6oAAikABlGBzDoXdA%3D%3D
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f11-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GDkOuuDgVg7qwXCxQm_Q7b0QuiTF1MHcyEpbuqZ6yuEjf-qJCADKK29vqdeJDJjSNztGZY6SSQBpU2H_OtPOEMbtIeOzGWD&google_hm=wgy_yjbgb6oAAikABlGBzDoXdA%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC0C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBOYgpz_aOCXMu3nhBXShqE&google_cver=1&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvxXP8NU...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBOYgpz_aOCXMu3nhBXShqE&google_cver=1&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvx...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE3NTU5NDUwNDczNTE0MzY2OA&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvxXP8...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE3NTU5NDUwNDczNTE0MzY2OA&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvxXP8NUOIa40A2zFsomc3AdsCAw
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE3NTU5NDUwNDczNTE0MzY2OA&google_push=ARnp8GC2917Uzh3M4nsp6M8_strYq-T2ca-I4osyMiTo2o9KpTj7WsBWSDXyfpTLSsNtKGXjuvxXP8NUOIa40A2zFsomc3AdsCAw
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame AC0C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-a6bdf7a2-c449-48bd-9f80-00a06f62024e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GBNpWP8otMvfc7FGxCc2...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi&google_hm=A6a996LESUi9n4AAoG9iAk4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi&google_hm=A6a996LESUi9n4AAoG9iAk4
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GBNpWP8otMvfc7FGxCc2IZXJA3x8tgL_0771ct4_y7IAWXqNic4jLrhFsu8EMUhXz-y-84XA4FDDUkga9V5h-QKyc0skSRi&google_hm=A6a996LESUi9n4AAoG9iAk4
date
Tue, 05 Jul 2022 02:39:27 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa6bdf7a2c44948bd9f8000a06f62024e003
content-type
text/html
sync
rtb2-useast.torchad.com/ Frame AC0C
42 B
233 B
Image
General
Full URL
https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESENedJE7lE1B2Sjv1qi0Ba9c&google_cver=1&google_push=ARnp8GBK_1I-4ZX9mLNJ1arRlvavXLTFGd7a5wZdnhQLZ6JUx5K197FB_7CGBT3gTNfifWhSVjLGofe6u0r-dprCVXSchK97IlkG
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2604:9e00:1:129::2:a01 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:27 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame AC0C
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENSZwH6KMuvqx_ptXqThVvg&google_cver=1&google_push=ARnp8GBkW5-cj214IVwly3oGsgnyhAnzS7OsN8EpdTYR7iZuSgVWIoGf4xzo7bJfZkQ6u8lP8ZBXoS1ddY4f7fRSn-zKVNw...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBkW5-cj214IVwly3oGsgnyhAnzS7OsN8EpdTYR7iZuSgVWIoGf4xzo7bJfZkQ6u8lP8ZBXoS1ddY4f7fRSn-zKVNwoovAzsQ&google_hm=Mzc5ODYzM...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBkW5-cj214IVwly3oGsgnyhAnzS7OsN8EpdTYR7iZuSgVWIoGf4xzo7bJfZkQ6u8lP8ZBXoS1ddY4f7fRSn-zKVNwoovAzsQ&google_hm=Mzc5ODYzMzc4MjMxMzEwNDIy
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBkW5-cj214IVwly3oGsgnyhAnzS7OsN8EpdTYR7iZuSgVWIoGf4xzo7bJfZkQ6u8lP8ZBXoS1ddY4f7fRSn-zKVNwoovAzsQ&google_hm=Mzc5ODYzMzc4MjMxMzEwNDIy
Date
Tue, 05 Jul 2022 02:39:27 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame AC0C
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEJ6S8GWnm_4hcajRVqo43Is&google_cver=1&google_push=ARnp8GCuMjzB1mHrqlyryZdvUG_Q2u5GngL24Iu6ceVq2ufpvcvcBV8V_P4DckWRAZ88LzJ0_lrVAQr6nOTxCRsHDxFRhi47QPGRsg
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGU2MmNiNzYtNWFlNy00MWU1LWI1NjAtMjhhM2FlYjNiY2Vl&google_push=ARnp8GCuMjzB1mHrqlyryZdvUG_Q2u5GngL24Iu6ceVq2ufpvcvcBV8V_P4DckWRAZ88LzJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGU2MmNiNzYtNWFlNy00MWU1LWI1NjAtMjhhM2FlYjNiY2Vl&google_push=ARnp8GCuMjzB1mHrqlyryZdvUG_Q2u5GngL24Iu6ceVq2ufpvcvcBV8V_P4DckWRAZ88LzJ0_lrVAQr6nOTxCRsHDxFRhi47QPGRsg
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MGU2MmNiNzYtNWFlNy00MWU1LWI1NjAtMjhhM2FlYjNiY2Vl&google_push=ARnp8GCuMjzB1mHrqlyryZdvUG_Q2u5GngL24Iu6ceVq2ufpvcvcBV8V_P4DckWRAZ88LzJ0_lrVAQr6nOTxCRsHDxFRhi47QPGRsg
date
Tue, 05 Jul 2022 02:39:26 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame AC0C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqqoHXzZxvqeLx_7KZXKsYIuQtZQAMV5ir-mLvnrhMDbPuPfqIVgmgHNFa8xodr1_5geeI_ec
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
main.gr.19.8.319.js
static.adsafeprotected.com/ Frame BB59
192 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.319.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930701&advId=5761340&campId=49720581&pubId=1&placementId=393280247&adsafe_par&bundleId=&dealId=&bidurl=https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ce00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 15:42:27 GMT
content-encoding
gzip
age
1853821
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 09 Jun 2022 18:01:50 GMT
server
AmazonS3
etag
W/"a1d669bc0776f421280ad4154b1ce523"
vary
Accept-Encoding
x-amz-version-id
mNA7gJwBAdrYqRYSnebG4JRwK6iKHdgs
via
1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
hNkIdxXgCUHu0VGBzv7Z3gadpdADYeBBXJzzzHQZiF94JheE8nARDA==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4F77
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
47595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7755
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f538b98b390530332e4377ce38fda8d639c09219681852731d89966fba299c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BB59
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a340a6a97453434cf3b78861f253a28133dea87d8f157dd791b6dd2a8c7ac558

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
container.html
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3317
6 KB
3 KB
Document
General
Full URL
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Wed, 05 Jul 2023 02:39:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1667
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
53348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 11:50:19 GMT
expires
Tue, 04 Jul 2023 11:50:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=11&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=1751090975
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 013C
30 KB
7 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22587791099%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_subject_v_pre_1&description_url=https%3A%2F%2Fsubject.com.ua%2F&tfcd=0&npa=0&correlator=1086219637695332&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fsubject.com.ua%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26openx_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.520.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&gdpr=0&sdki=44d&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.520.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Ff2982a04-1d58-443f-92d2-f1a0fd5f109d&sid=188AC43A-026F-4617-A6BA-D7AC0CFA2ACB&nel=0&eid=44754420%2C44760950%2C44761692%2C44762904&dlt=1656988764872&idt=1541&dt=1656988767566&cookie=ID%3D1fb775364e7dbffd%3AT%3D1656988765%3AS%3DALNI_MZchJsKGDgj5ZW6IaBSbjluH3n0qQ&scor=1374997550804495&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8f550214ade3d7fb0e99b8addf73e82acd22c990eaa82b9c7fbe65e8e81116e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7098
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F77
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJ-kUWxAboKZ79eXr6swPxs&google_cver=1&google_push=ARnp8GDnAwYl8vhbHQt9WVxZuOAftAP_1tcuwFpW0F2OigO_N368EmWpAkpd-A6JIsM99-jS2ytfYlfuDG85dwNXbO97rSXGKQDI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=767E77954A84485088CA923552782A67&google_push=ARnp8GDnAwYl8vhbHQt9WVxZuOAftAP_1tcuwFpW0F2OigO_N368EmWpAkpd-A6JIsM99-jS2ytfYlfuDG85dwN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=767E77954A84485088CA923552782A67&google_push=ARnp8GDnAwYl8vhbHQt9WVxZuOAftAP_1tcuwFpW0F2OigO_N368EmWpAkpd-A6JIsM99-jS2ytfYlfuDG85dwNXbO97rSXGKQDI
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Jul 2022 02:39:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=767E77954A84485088CA923552782A67&google_push=ARnp8GDnAwYl8vhbHQt9WVxZuOAftAP_1tcuwFpW0F2OigO_N368EmWpAkpd-A6JIsM99-jS2ytfYlfuDG85dwNXbO97rSXGKQDI
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 04 Jul 2022 02:39:27 GMT
pixel
cm.g.doubleclick.net/ Frame 4F77
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEICo2txcifTcOz7Bd5FBFqU&google_cver=1&google_push=ARnp8GD4JLUUEy0bKgs-usrFl_La9yLiK2SZkGYdPK28VJVlPgPXZcSBQkDWExzTG85qAXBIbVAHW...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GD4JLUUEy0bKgs-usrFl_La9yLiK2SZkGYdPK28VJVlPgPXZcSBQkDWExzTG85qAXBIbVAHW99PFV40tkpmefz6Cv7lA7s
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GD4JLUUEy0bKgs-usrFl_La9yLiK2SZkGYdPK28VJVlPgPXZcSBQkDWExzTG85qAXBIbVAHW99PFV40tkpmefz6Cv7lA7s
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Jul 2022 02:39:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7421DBE759964A34AD3BC810EFC23D87 Ref B: LTSEDGE0914 Ref C: 2022-07-05T02:39:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GD4JLUUEy0bKgs-usrFl_La9yLiK2SZkGYdPK28VJVlPgPXZcSBQkDWExzTG85qAXBIbVAHW99PFV40tkpmefz6Cv7lA7s
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjBcLneSrRY0tEwB5B7w==
pixel
cm.g.doubleclick.net/ Frame 4F77
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELhFA03yj6ZxIpHEAdha_vM&google_cver=1&google_push=ARnp8GA9LqpS3rz3pGh-sXWyaqD2AQjSVVd1enY842YZV9XCi61LRaNhoVYFwbHuHnXXasFsN1OKOo2N5Iq...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA9LqpS3rz3pGh-sXWyaqD2AQjSVVd1enY842YZV9XCi61LRaNhoVYFwbHuHnXXasFsN1OKOo2N5IqOqsfHe_Yd1OlD5_dM&google_hm=KiRSW_vlT2-0tAHnKdGixWY
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA9LqpS3rz3pGh-sXWyaqD2AQjSVVd1enY842YZV9XCi61LRaNhoVYFwbHuHnXXasFsN1OKOo2N5IqOqsfHe_Yd1OlD5_dM&google_hm=KiRSW_vlT2-0tAHnKdGixWY
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA9LqpS3rz3pGh-sXWyaqD2AQjSVVd1enY842YZV9XCi61LRaNhoVYFwbHuHnXXasFsN1OKOo2N5IqOqsfHe_Yd1OlD5_dM&google_hm=KiRSW_vlT2-0tAHnKdGixWY
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
us
sync.go.sonobi.com/ Frame 4F77
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DARnp8GAs-jSHlPlZJq0mxN3wqdpUEuwk31WTchB26CGPPr8I3La4qyBYakxsGBu3Vr0RxDrZGZUhpaP7C9d6lVguTTcUZReKaw0%26google_hm%3D%5BUID%5D&google_gid=CAESEBk5yBCSJHEjptvq8WEq4h8&google_cver=1
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:27 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F77
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJB1gte3IFI-pCzOlOK80dw&google_cver=1&google_push=ARnp8GDpwCLHtZVXoF3eMkiFZE9tbk57tLRrJc5RYQTWJhtr7cDoaf0Yc3JkYTuS-Grj1Et6Zh4mmYkpapH9w3au...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDpwCLHtZVXoF3eMkiFZE9tbk57tLRrJc5RYQTWJhtr7cDoaf0Yc3JkYTuS-Grj1Et6Zh4mmYkpapH9w3au1VWsNouNF1Y
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDpwCLHtZVXoF3eMkiFZE9tbk57tLRrJc5RYQTWJhtr7cDoaf0Yc3JkYTuS-Grj1Et6Zh4mmYkpapH9w3au1VWsNouNF1Y
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Jul 2022 02:39:27 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDpwCLHtZVXoF3eMkiFZE9tbk57tLRrJc5RYQTWJhtr7cDoaf0Yc3JkYTuS-Grj1Et6Zh4mmYkpapH9w3au1VWsNouNF1Y
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
5nwEu2GAfdL5JTTRIdex5ozPVHItnMbyK2mrhSgjCUVmAbO5wk3C5Q==
exptsync
ads.yieldmo.com/ Frame 4F77
0
35 B
Image
General
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEKgWxZC7zPnOF_mBVtb7g3I&google_cver=1&google_push=ARnp8GBDeO-OseFK7NvSttNCU3S1XPkxD5A5jArnXgAydBf7zfvZ3klOh7T_T5cyvOhYpo2Kwe0XQjQKqeHwXL74QqwMjqCIBhCd
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.12.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-12-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
pixel
cm.g.doubleclick.net/ Frame 4F77
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEPZN2d0hqenv2gaM9x2zdBI&google_cver=1&google_push=ARnp8GARzSF5jpcQ3yO3Tb_4i3N0UvFGBSik4Sg-F_GR5e_S2f6uemunnj6o8_l1dx9EaGp_wLUm-I-_vTe1IUG7SHUocLKQq7Cc
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&mn_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ARnp8GARzSF5jpcQ3yO3Tb_4i3N0UvF...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&mn_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ARnp8GARzSF5jpcQ3yO3Tb_4i3N0UvFGBSik4Sg-F_GR5e_S2f6uemunnj6o8_l1dx9EaGp_wLUm-I-_vTe1IUG7SHUocLKQq7Cc&gdpr=&gdpr_consent=
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:27 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&mn_hm=Mjk5OTkwMzY3NDY3OTA3NjAwMFYxMA%3d%3d&google_sc=1&google_push=ARnp8GARzSF5jpcQ3yO3Tb_4i3N0UvFGBSik4Sg-F_GR5e_S2f6uemunnj6o8_l1dx9EaGp_wLUm-I-_vTe1IUG7SHUocLKQq7Cc&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 05 Jul 2022 02:39:27 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4F77
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6VJKlH35VWBNRaW_FNFPdRpWk-cTQJaPuDqfaVYdVSgGDcKzZRWl1ohBQBHNwp7pOk0TO
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0E0C
668 B
325 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWG2AEQwO_UAhiCmZbOATAB&v=APEucNUF5yHdinfmW6lOHLBIuCXC982M7RMKNV7iMJJpZzcAUFhMjBbFffc889i4kkKjOyPj-bAptNCcOUnBW2s1zeYtayoPEmAQASg9L7Wj6rP_x9GDS1E
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3317
77 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSjwwTW-WwBu6na1tHV8vSiYIbKLoYF4lLkYnsUjbVbN8vYJnw258Cw2NbfBy5mVnlqaJEmPQJzfvX7MzM7lx1IZpcFP2w_t6Mb0mw4mr6r6JZVSOT9iv10-wQ-HC4ywJL-EzbtsnT3nVCcbSSOoKNfo5dwEiH3_ePHAHhoL4pshMe_gY&cry=1&dbm_d=AKAmf-AhfQRCY2cIrWiJk6mTuDQSOLrTXD95_wI6SKV5wx8h-bUtRVmpQbg7yZbd1Ds3u4qOjvuXiORHiTUxE0danIPJMScocYmZp2vV5LSSOYQtrBzClxGYhDtI7E_wNpeYPL_6alt_Ze7nC6FNqfTaDsJEWuYqa78s5JJamkCrh3aeFJZ5F8AT6G7VDG8YVWsvDeqTGH2_zOAXFKD9hMW149Z97PZDm_kyd1O6J26dm5a1m1xerBUXT1ax29qFic9FE8Km2GD86SUWDSyDKRtig4okaA0gFXr-2JhVaUZaAvNBxggqnhpAxIu1tXsDIg2WpMHBVRdk892SgIWjrLidnkF6H_UhgOI3jATnAvUkpayJCMCT94A7dPDpqHhPMyc2T7frXUV-nw0-rAg2EmfOvOC9Pv-YraQ3Z4LCDvdWe8ZVkph9Cf_k9BrXadRoZv2my1AwO4heoobv8cC9S3foj5_6B0ouQ7NPYB_1gC07TRNyWQv0GAL-ZCpO5D9tQYTuaotyVn4z9Nw8WmW61OiiveixRYBZqYkOm3zDJt934tMmVJ90NOIU3KdGtfSrXLrqqbcckkL7mXZv4-ycVqwfmwdHKTSnC-BjEV4DofYk02pxFCZz1IoV49gb1Ec5h8sKkEholRdHf1ruwP-a8ZQi_FicYNGxpU1Ud-BfO5G3T8CJaKj19CwUKEX2H-ylOT5NyUgPcHRBmz-xbhkX2PePh29m3t72FHG1ssHRqPdtwkt76wVZPBd7K0Ja1jBzzK0fAoYtHpvfvq8O2Wbh7jpQcRmxSXnZHjHCHuTjiKQa1L-JgHYwxlD4s6BeRMUKKH3We1hqEw8172Rpi91K8rxUDggtJ2D6mlL2ugTUTDDY4Hlg12IRLpCeyJP7wjgoJFTToAGoF8mLWvz7XfjTC_nnsuuzZ9gzUmwsDsVY7TdxYP9ILGPHiY6wEoP59aBZexlXNLuYeIfc-klUQ2oyp9M5wUd2LBk_yoR6DwN868fTTZHvEABo4WJHRnrvqN4PJCJQQJivOmvrJYw2h66COqMtzs9g-goHBHkNvqAMwPW4GBQhNzZ-hsrRzrpJgm0u1mlYhNOv0BPLjrokyPrhMMn8TTBZQHy4qtgBKcYemLXs1xt98t_QW3kAOD0TOtRG6fDb0fCDHaTVHb9Y1HcZJIVdx4ps5RyDn78sxgTMoBgrikgI-1jQ6W95-2jG_HYrtMFpS0ExeFefBPo9M4_UYhS-bBQfKNktkzV-OE8B73Kt7WHjVW4mjdE6_RGhPpTZ1FzHNhojW4hhfXZQVhxPyDPWPF7vmDa_zUzrznKdem8JSmIqLu1RAzzRlh0IpAoX-eEkTQhaqVw6oIzTJ3QkrLJeDScDBkQqVTL5N04wWmaP-fwsDTTSwWbO54QwyLoPIBar2aLRrGUQ1ReITBMOwQ8MeYsYRuzxXP5j09ldNXgePVCqzfSPbHknL2VpwVUptVUg_pmPRFP0avywztoILDuTOhd1cQ5eI0JAyG3aN2hn69l_tDkW2u4kbHmzl2LV2io9fGIuf4Gp01Gojr5WA-2FZgloAfgyOcezpIOr8jxj0eq48AF9bJcDzvbAsLRP4sjFhtJIzKaB0TfQTjfwI4dsjcB4VjUFVjFMZ2FuH2w0HNPZ5YXzkAAFgwrE8uzk5sh2Pso9cgEoIn_SQKYk53r4fwt-XPz_8ottMr5m5tgaggAfJ85JgmpDaZfv-UM3Wteb5GOs8q22DEmyLIc2qXP1unYHgCeqQq9hZtBICF5hwL2VmQcpPpalcKKcs6uK31Ur2hvgGamk99_0UICwyzXOofw0RgApPXY2Ypw0RJ47R79uUToi5uOtrckUJNqDpfJy-gygeNvJ0-vHqH29EKhok3VvVhxaejHEkRbTeG5MtHTrWRQ-XXNXyosmHe-plAuywIJawDdH8tT_tK8LYosKxWly2MbGXSU8FkFR8qX8BMEmLExgW8dy0xCYBewX8d0aReX1ICYRvut8UAKq-J6wu9yyu8x1LzIKLGxOIURjKx1qPpCAeeY-E6vzD_uDZ9p4YN7QMu_rqSEG8_uY5Qn0E2JCkDGTPdjA9Pln5wr1lBjbZl8bckvDGgxlsN33WBEQfKCDY-VKKqM36V33KJgcGTGKkfXE6qJf9IBTbaRpIgYz20l9QletYVLFyASVfjqqYm6QSOzdskWrNIn-DgtvqLcHhZGgP6mO5ixETheKmVUuE0NpfexTfsFXxOQKJg_ItHjgWMlEPmF23Ob4RD3RLKikN_5z0XpjDzfdpxspjquxdLEV_JBf8_dMnNg8hTKpijkvJHkWiBMoLcfcLRaheDimYqw8bt-Xyf1_38vzNRYP0M-4kQFiqIRgqU1P61buWnOTYoqwf51_3GaChyzQ4fsvg9abRb3op-LjeVf_VQyCScmoqcY8XMIZQnTHSSZC8tL_Ti9txVDqUg-kXF5gqlwrhIL4d08xKHIxHmCnj4zr9iAeOylFqBXcmc4erQrS5roSh9YmhI_2RscjWOnTIs07GvsblWsrgJ1wKXNEUJtVzND02byVhfvhQcws6TkEpobFy2hcTL0O7cDMS7Wl0x4wPewF5-bwFpTrZ7b9IrFO-yNTvNO10VqLjtASSDZ45zLllguTQQKXW3wtbvs2eM6T11XKaY-pWX-qin2PlG4w-oBNl_Ni-xGMFiu6pyXWFS5g5ipfsfYcTXTtLnCZYoG7pkVYbT6JjEJkYAASGpD_rBRAeYuEkl5hxG4K3CYLvCQed69JFgsz2y7IMaS4zY6fy4Fy2_OGNvDxBu-O-QeQf370i1ZA_da0-slc2gwlETUDDgI5YaeO51yf8MTFh4aL328hIg8nG5rip90vUJ-HjG_YX1695u30PH3K_iPcwFnoN_2sZylB4O2xahT9SyBc4eEjZhF-MNLZKz96GurE346KLrv8_Z4PC2UHB0HrJpMQbgrgtLQJD7OApThrBKsh1Tq2Sv16d2wHCtpvESgN4NT4a04fw2rfzmVjdobjE7mmDfkI9y4O1G0q16lqofrArjGiG-AueC0Xsy71tqCS50QUQnuqAwfNusP99I64N8pvZVWgyvQjijmaGmYf_Hk0PTZG9p57cHXC_WmgWYwkgEJ7rjrNKydA6zabJMVdYSf9t469kmfUvUjn5I9kjP07MhmwNecF5bcrpsHHyJGp6Qauz0YYwEHjepqSpuEtFieKwCzxQ5xNEtMPgczwKPPNoiZbKqLnHwSZiGu-nyQtUbgCjDrFsdB-1n2DoMyN822kA8s-MarPDsjCs_OeZTn_PCOmeW91oVNNL4BAI9gy99xUwSeYUFd3zvYovV0PzLcxmqAGk5EzpKRGeKZ0GBPbJn530h9Jtu1flDSNDkSjmP1tCB5JMesDIJ8AD4o_iY0ddYMBFparXG4b1au5b5BjIP7qYZc2nwC_s2BQRue-qS5FDf5wMsOa3i206zIonJRkdw3WvIG30G75rV46N4vplriV5MlSbxorOfXUjrDwYQLbjrTdBK9GwD0wtdoZc3QKhL5bVjni5RD4gFiDmEjweGbuD0Z6I4R-m_b8FXzjjlK7eEzdLLvi-1e3SDqtqfTyLXVXwyumneAAHxsEWCMzSc9ywE_tzvDoDKMkPYG4Lhe5HIKPNdujogeSSMDzOAnlGBQNLapGtUK7DpheC7jXfQFvofpZfH0kpz3yZbj54P-R881-k-2DOcI37gd_xkUyfGRd&cid=CAASJORoncyYFTNq5ExaK0ZsqEC5LXBIqgs03qYQPjT_16xmbCWnPA&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
832c2367a5a0b8b162e1d78f0a6cbbf7cfb30ed67ef8d16da733a97d6094f7d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33156
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3317
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdxJnbSQsErUdA02ZXySNLmdTkkkJ_9LG1Uf2SUJwerXrIzZHBxh8WKmOOQUYsUQ2cJmMxZ8xtJa8vCqg22eylqDpkEjvYeVTD1OyhGvtAqb3EP9Y
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
count.ashx
run.admost.com/adx/ Frame 3317
48 B
48 B
Image
General
Full URL
https://run.admost.com/adx/count.ashx?pbk=487771-341371-62268
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-54.cdn77.com
Software
BunnyCDN-AMS-883 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cdn-edgestorageid
883
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cdn-cachedat
07/05/2022 02:39:29
cdn-pullzone
381479
content-length
48
server
BunnyCDN-AMS-883
pragma
no-cache
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
text/html; charset=utf-8
cdn-cache
BYPASS
cdn-uid
79355934-3932-41c0-9817-733cc0c4d7a6
cache-control
public, max-age=0
cdn-requestid
38e22c6a3b15084a981ecb04e34ff4e6
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3317
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3317
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3317
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 01:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2863
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 01:51:44 GMT
l
www.google.com/ads/measurement/ Frame 3317
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRocbQRuK5Af4V8LvWmys1C9W_OjuWBZZogtl4hObqd9weeIrAH2nkQCfk8p62H-cBofg761v-2o-on4TMdy1U-rBCN6g
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 1667
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 93D1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 02:39:27 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 93D1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 02:39:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 93D1
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 30 Jun 2023 02:39:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 93D1
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 30 Jun 2023 02:39:27 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 93D1
43 B
348 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=yF90KV7g45Bas3DqLD8oCOI3QY4H0jPqeLTnlC5uf1O7_oaQOD9v9GzJrV7yx6Ef5hc6uhuEb2XyVotq0x4ZFxF4jlV0zf6UxQyiCFXZSYpsTbnLOQ23yIQ6pbjpBYvQVLOFQULY2IzROCtG2rhLYj5o5MEhi7XVo5SQaf7lVhcL_ceYcHjeVbBnEDkvcxbYQy85FAdHwlSCGAqBqrMa8PX1OSNgp8lEtVy7gr6qdoVMk9027SIQTXzdvqvV-oWjskcqFUlHcZpGyBQvVxgFcJt6FtbB05xRhR702WSmAGntC3oMpZ0v0t4aokIEXfqrMAe79YSegbnouzBVJWSLuhpOgm3Rp9TsTS9PMGkuYgotPLf__w4uahTw09_Cfb_dOu55kCLnIPMkupCk1WQbiVaFGUf6A3G8psXA8p1UPhEnd15L-LXqTLEHL084EOVg-yFg8g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3118613
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
s0.2mdn.net/sadbundle/10468941064440532424/ Frame 3A4C
73 KB
52 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c837ac7b2c917ebd9f561133f58f2fb595c37bf1ea1b2733bc93ce1a5b4db6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:27 GMT
expires
Wed, 05 Jul 2023 02:39:27 GMT
last-modified
Tue, 10 Aug 2021 14:50:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BB59
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7SSWYy-sFLUgKbqZQjR5cl6mMg3UtbysQ75Uxx1lMScT9u8N4T-3mYjWY_CinGTwIYofbvuRAeV64zrkMWhkFqfz5XP2zv4Vg78qI8qY9SVolrs1JmXGDUKMAqhksoHl96TrH0UrZWx1PXFQZHJBKLXARUL6QWhJFS52G369WOp1dCUSYpVGgGbeLs_AYUOPyxUyT2MbiBYcrXgtna_lKzDY3Nk5uud4tyZVkkQe37Y2d5lL8zVhUAIQYtaN9PJk-ewVPu_CXuiysRp5pgiBEPhcwe1XxyIREO0fpcxpJlT9AN6IClSEIsQkSZiDwC4xuYMKkXwcck7osRq7kEMb4pGs6puAtlV1C7WQYN2xr73B5agzC2y9ZpA2Nip-K5uDb9mEFOFuXOgLdmgqpBryEc4T8TvLhUj9tMx24urqbxaf9a72HU0AFnw_C2gQXGkRVN9phWL5Dd4omenUkXpNXUFPfU_32hfBWti29_Bz0VcMpHsKdYxhwzy9JGsBnZkvv_7FnDQTw106RH4sDkUXOcZTP6vZOgFG2wGWjQKfAyxq-Q-XjAYFJZY1uplw03BlpsdMeHqHbcyZjC2JnBhQynj2KPuXkVtIPCenGkewk1hoJcAYq7mTqmuFO5uCsFe9eDh5fG1kskhF4k0yA05vhL2Op2dyFXwkvqXWCkpmFc5cR-tZ0CWH4jUpZhUoyhB8vHYrfOvjwX5aYX1-1vKKwN51_XP8MkA4e5MjipadFoUQ0vgO3PPMhxYwW56l6eiPn5FXekjbTpo5gyjimE-yTrXXaGgMSay4CHYUFG3OWCjbIRuw0UqnjB6muqFt8V9HJisHgB-d75PyTulMW5Xnq5Q6Et9bDPl0dqaYaMGKdH8qSdYJ_3png4k7QlNHGV8hIq_Bujdtj353SThUqTixBuBqca_h6jXEXJshsM_7y4jARsIluGGXT7zU7BxNCkoGyg6tLWs2H004Uz_uXMAp4uQVXrWNXQmWgFmVNc8vzaHLX_DYLE8we-9PNaTwkydEZH1HY3_5deN4yiIeCusNWNSQRALVwGchGd3KqBhggtYhQ9JLROefEhcHqFntgo2qTrsVfYZpdeJnYUpvUwA_lQK7YZkla5bDoPk5pae-tsnvoUzFGee5_24zQIJUnHypc0PPmunFPEs3IDu2V9HuLNXzdmbT_CGydZrlQkT7Nd600kvrfjgWtVDxCkZF2D5EnxqMoqB6aeLeEvKGC6O65ozpikKkd0ISft-pLbx1B8kkJVpkGXP46ZQfn2V68iFDG8Tjko69mWPleMZFp5FS-gVRYs4GM&sai=AMfl-YQCGjn0Y4G0sssqLRNP3ZtNwT3UbmYx-r43RHmT-Nz9PCNfQBaaUGLNM2w_CUl7_wqdTX8WuMiLsjykue0Zmg1Tb720DUiJKwsYMU2Ih6OEHmIyBuvadZs4R-_IpUAv_9Bn3chyHpTNqTkGCRf9DAH2pvKSSpl7sr9V0Y-0JrqyUcb5a2L9UgQ6kZN1qXATJpzZJMeWdvJRf2i45FZ7ew&sig=Cg0ArKJSzL4j4f4Ppq9lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=307&cbvp=1&cstd=303&cisv=r20220629.62654&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 05 Jul 2022 02:39:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame BB59
43 B
1 KB
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lx-mindshare&extProvApi=lx_ek&extLi=26832050&extCr=149862291&extPm=320923767&gdpr_consent=&gdpr=0
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.9 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Di, 05 Jul 2022 02:39:27 GMT
Server
Microsoft-IIS/8.5
Date
Tue, 05 Jul 2022 02:39:27 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1844
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 93D1
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3477808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F7wruPHp2%2FJR3zCIAyH3jljbIx6KjfAQF3bs7Zaqy4OYc2f8ZJIOJ0N2T4ey69FadK%2FQgYX%2BsVXDNecSLKo2eZakH2GT5%2B5T8iQZprdrVc1Q49AXwVO4LLLEsaK5qs%2B2n0emkKnZBWmAnXm4F08zv0k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
725cbaf6adbe768f-LHR
expires
Sun, 25 Jun 2023 02:39:27 GMT
140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 93D1
27 KB
28 KB
Font
General
Full URL
https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 16:51:34 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e175a16-6d58"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 02:39:27 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/
542 KB
542 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
794a9e925e80c242e70e27652df3f96be3283c7fea92d139d119713802f46be8

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=1172744-1727719

Response headers

Date
Tue, 05 Jul 2022 02:39:27 GMT
Last-Modified
Fri, 26 Nov 2021 05:10:16 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"61a06c38-1cb3c944"
Content-Type
video/mp2t
Content-Range
bytes 1172744-1727719/481544516
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
554976
Expires
Wed, 05 Jul 2023 02:39:27 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 05 Jul 2022 02:39:27 GMT
Expires
Wed, 05 Jul 2023 02:39:27 GMT
Server
nginx/1.16.1
animejs.js
static.criteo.net/animejs/ Frame 93D1
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 02:39:27 GMT
img
pix.eu.criteo.net/img/ Frame 93D1
8 KB
8 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=208&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=1156&s=htEWMS3xcV0nK7iGZekfggK5
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
836af53447290f759fcedf2d9dedd5f7f9d556505a23f8d7b812f425fe4a0421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30864105
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8216
expires
Tue, 27 Jun 2023 08:01:13 GMT
all
csm.eu.criteo.net/ Frame 93D1
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Jntgi-4CXXGRBJ0GJJv5ZVo4v6RYlyIcfVpO0hNfq6uhydSSJbYXT2nHjBJgjL13XYB_ML0I1gGZ6KCVLcVyLE9hTjQIgeAd2R9sc6pYDtJlHv8wupRhRQWNJArWbzw6i0-uDveeoD_fTV1_7yvrWwrdO6vm9UdpG8QKIjB2elhU_kTVvGKeg3zaJZ6Pvl8FX8ljjMInRIl-o8oM6AQ0PXQV_Cn_gSWWeUhUOvUMQqtaX4_opnbohcRAfquDlcHMxPAg7A&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 05 Jul 2022 02:39:27 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 93D1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 02:39:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 93D1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 30 Jun 2023 02:39:27 GMT
sd
us-u.openx.net/w/1.0/ Frame 0E0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMV37H1iaEPgfdli_D_B4r0&google_cver=1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMV37H1iaEPgfdli_D_B4r0&google_cver=1&gdpr=0
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMV37H1iaEPgfdli_D_B4r0&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWG2AEQwO_UAhiCmZbOATAB&v=APEucNUF5yHdinfmW6lOHLBIuCXC982M7RMKNV7iMJJpZzcAUFhMjBbFffc889i4kkKjOyPj-bAptNCcOUnBW2s1zeYtayoPEmAQASg9L7Wj6rP_x9GDS1E
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEMV37H1iaEPgfdli_D_B4r0&google_cver=1&gdpr=0
date
Tue, 05 Jul 2022 02:39:27 GMT
via
1.1 google
server
OXGW/7f1e280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 0E0C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE5NDMxOTItOTVlMi0yNDRlLWZjNGItM2QxOTc0MmM4NjJk
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE5NDMxOTItOTVlMi0yNDRlLWZjNGItM2QxOTc0MmM4NjJk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWG2AEQwO_UAhiCmZbOATAB&v=APEucNUF5yHdinfmW6lOHLBIuCXC982M7RMKNV7iMJJpZzcAUFhMjBbFffc889i4kkKjOyPj-bAptNCcOUnBW2s1zeYtayoPEmAQASg9L7Wj6rP_x9GDS1E
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmE5NDMxOTItOTVlMi0yNDRlLWZjNGItM2QxOTc0MmM4NjJk
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 0E0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEIX0yEjKXHvRRPx3KWso89U&google_cver=1&gdpr=0
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIX0yEjKXHvRRPx3KWso89U&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWG2AEQwO_UAhiCmZbOATAB&v=APEucNUF5yHdinfmW6lOHLBIuCXC982M7RMKNV7iMJJpZzcAUFhMjBbFffc889i4kkKjOyPj-bAptNCcOUnBW2s1zeYtayoPEmAQASg9L7Wj6rP_x9GDS1E
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 05 Jul 2022 02:39:27 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIX0yEjKXHvRRPx3KWso89U&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 0E0C
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWG2AEQwO_UAhiCmZbOATAB&v=APEucNUF5yHdinfmW6lOHLBIuCXC982M7RMKNV7iMJJpZzcAUFhMjBbFffc889i4kkKjOyPj-bAptNCcOUnBW2s1zeYtayoPEmAQASg9L7Wj6rP_x9GDS1E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 05 Jul 2022 02:39:27 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
container.html
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7140
6 KB
3 KB
Document
General
Full URL
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Wed, 05 Jul 2023 02:39:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3317
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Origin
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Jul 2022 08:39:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 3317
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSjwwTW-WwBu6na1tHV8vSiYIbKLoYF4lLkYnsUjbVbN8vYJnw258Cw2NbfBy5mVnlqaJEmPQJzfvX7MzM7lx1IZpcFP2w_t6Mb0mw4mr6r6JZVSOT9iv10-wQ-HC4ywJL-EzbtsnT3nVCcbSSOoKNfo5dwEiH3_ePHAHhoL4pshMe_gY&cry=1&dbm_d=AKAmf-AhfQRCY2cIrWiJk6mTuDQSOLrTXD95_wI6SKV5wx8h-bUtRVmpQbg7yZbd1Ds3u4qOjvuXiORHiTUxE0danIPJMScocYmZp2vV5LSSOYQtrBzClxGYhDtI7E_wNpeYPL_6alt_Ze7nC6FNqfTaDsJEWuYqa78s5JJamkCrh3aeFJZ5F8AT6G7VDG8YVWsvDeqTGH2_zOAXFKD9hMW149Z97PZDm_kyd1O6J26dm5a1m1xerBUXT1ax29qFic9FE8Km2GD86SUWDSyDKRtig4okaA0gFXr-2JhVaUZaAvNBxggqnhpAxIu1tXsDIg2WpMHBVRdk892SgIWjrLidnkF6H_UhgOI3jATnAvUkpayJCMCT94A7dPDpqHhPMyc2T7frXUV-nw0-rAg2EmfOvOC9Pv-YraQ3Z4LCDvdWe8ZVkph9Cf_k9BrXadRoZv2my1AwO4heoobv8cC9S3foj5_6B0ouQ7NPYB_1gC07TRNyWQv0GAL-ZCpO5D9tQYTuaotyVn4z9Nw8WmW61OiiveixRYBZqYkOm3zDJt934tMmVJ90NOIU3KdGtfSrXLrqqbcckkL7mXZv4-ycVqwfmwdHKTSnC-BjEV4DofYk02pxFCZz1IoV49gb1Ec5h8sKkEholRdHf1ruwP-a8ZQi_FicYNGxpU1Ud-BfO5G3T8CJaKj19CwUKEX2H-ylOT5NyUgPcHRBmz-xbhkX2PePh29m3t72FHG1ssHRqPdtwkt76wVZPBd7K0Ja1jBzzK0fAoYtHpvfvq8O2Wbh7jpQcRmxSXnZHjHCHuTjiKQa1L-JgHYwxlD4s6BeRMUKKH3We1hqEw8172Rpi91K8rxUDggtJ2D6mlL2ugTUTDDY4Hlg12IRLpCeyJP7wjgoJFTToAGoF8mLWvz7XfjTC_nnsuuzZ9gzUmwsDsVY7TdxYP9ILGPHiY6wEoP59aBZexlXNLuYeIfc-klUQ2oyp9M5wUd2LBk_yoR6DwN868fTTZHvEABo4WJHRnrvqN4PJCJQQJivOmvrJYw2h66COqMtzs9g-goHBHkNvqAMwPW4GBQhNzZ-hsrRzrpJgm0u1mlYhNOv0BPLjrokyPrhMMn8TTBZQHy4qtgBKcYemLXs1xt98t_QW3kAOD0TOtRG6fDb0fCDHaTVHb9Y1HcZJIVdx4ps5RyDn78sxgTMoBgrikgI-1jQ6W95-2jG_HYrtMFpS0ExeFefBPo9M4_UYhS-bBQfKNktkzV-OE8B73Kt7WHjVW4mjdE6_RGhPpTZ1FzHNhojW4hhfXZQVhxPyDPWPF7vmDa_zUzrznKdem8JSmIqLu1RAzzRlh0IpAoX-eEkTQhaqVw6oIzTJ3QkrLJeDScDBkQqVTL5N04wWmaP-fwsDTTSwWbO54QwyLoPIBar2aLRrGUQ1ReITBMOwQ8MeYsYRuzxXP5j09ldNXgePVCqzfSPbHknL2VpwVUptVUg_pmPRFP0avywztoILDuTOhd1cQ5eI0JAyG3aN2hn69l_tDkW2u4kbHmzl2LV2io9fGIuf4Gp01Gojr5WA-2FZgloAfgyOcezpIOr8jxj0eq48AF9bJcDzvbAsLRP4sjFhtJIzKaB0TfQTjfwI4dsjcB4VjUFVjFMZ2FuH2w0HNPZ5YXzkAAFgwrE8uzk5sh2Pso9cgEoIn_SQKYk53r4fwt-XPz_8ottMr5m5tgaggAfJ85JgmpDaZfv-UM3Wteb5GOs8q22DEmyLIc2qXP1unYHgCeqQq9hZtBICF5hwL2VmQcpPpalcKKcs6uK31Ur2hvgGamk99_0UICwyzXOofw0RgApPXY2Ypw0RJ47R79uUToi5uOtrckUJNqDpfJy-gygeNvJ0-vHqH29EKhok3VvVhxaejHEkRbTeG5MtHTrWRQ-XXNXyosmHe-plAuywIJawDdH8tT_tK8LYosKxWly2MbGXSU8FkFR8qX8BMEmLExgW8dy0xCYBewX8d0aReX1ICYRvut8UAKq-J6wu9yyu8x1LzIKLGxOIURjKx1qPpCAeeY-E6vzD_uDZ9p4YN7QMu_rqSEG8_uY5Qn0E2JCkDGTPdjA9Pln5wr1lBjbZl8bckvDGgxlsN33WBEQfKCDY-VKKqM36V33KJgcGTGKkfXE6qJf9IBTbaRpIgYz20l9QletYVLFyASVfjqqYm6QSOzdskWrNIn-DgtvqLcHhZGgP6mO5ixETheKmVUuE0NpfexTfsFXxOQKJg_ItHjgWMlEPmF23Ob4RD3RLKikN_5z0XpjDzfdpxspjquxdLEV_JBf8_dMnNg8hTKpijkvJHkWiBMoLcfcLRaheDimYqw8bt-Xyf1_38vzNRYP0M-4kQFiqIRgqU1P61buWnOTYoqwf51_3GaChyzQ4fsvg9abRb3op-LjeVf_VQyCScmoqcY8XMIZQnTHSSZC8tL_Ti9txVDqUg-kXF5gqlwrhIL4d08xKHIxHmCnj4zr9iAeOylFqBXcmc4erQrS5roSh9YmhI_2RscjWOnTIs07GvsblWsrgJ1wKXNEUJtVzND02byVhfvhQcws6TkEpobFy2hcTL0O7cDMS7Wl0x4wPewF5-bwFpTrZ7b9IrFO-yNTvNO10VqLjtASSDZ45zLllguTQQKXW3wtbvs2eM6T11XKaY-pWX-qin2PlG4w-oBNl_Ni-xGMFiu6pyXWFS5g5ipfsfYcTXTtLnCZYoG7pkVYbT6JjEJkYAASGpD_rBRAeYuEkl5hxG4K3CYLvCQed69JFgsz2y7IMaS4zY6fy4Fy2_OGNvDxBu-O-QeQf370i1ZA_da0-slc2gwlETUDDgI5YaeO51yf8MTFh4aL328hIg8nG5rip90vUJ-HjG_YX1695u30PH3K_iPcwFnoN_2sZylB4O2xahT9SyBc4eEjZhF-MNLZKz96GurE346KLrv8_Z4PC2UHB0HrJpMQbgrgtLQJD7OApThrBKsh1Tq2Sv16d2wHCtpvESgN4NT4a04fw2rfzmVjdobjE7mmDfkI9y4O1G0q16lqofrArjGiG-AueC0Xsy71tqCS50QUQnuqAwfNusP99I64N8pvZVWgyvQjijmaGmYf_Hk0PTZG9p57cHXC_WmgWYwkgEJ7rjrNKydA6zabJMVdYSf9t469kmfUvUjn5I9kjP07MhmwNecF5bcrpsHHyJGp6Qauz0YYwEHjepqSpuEtFieKwCzxQ5xNEtMPgczwKPPNoiZbKqLnHwSZiGu-nyQtUbgCjDrFsdB-1n2DoMyN822kA8s-MarPDsjCs_OeZTn_PCOmeW91oVNNL4BAI9gy99xUwSeYUFd3zvYovV0PzLcxmqAGk5EzpKRGeKZ0GBPbJn530h9Jtu1flDSNDkSjmP1tCB5JMesDIJ8AD4o_iY0ddYMBFparXG4b1au5b5BjIP7qYZc2nwC_s2BQRue-qS5FDf5wMsOa3i206zIonJRkdw3WvIG30G75rV46N4vplriV5MlSbxorOfXUjrDwYQLbjrTdBK9GwD0wtdoZc3QKhL5bVjni5RD4gFiDmEjweGbuD0Z6I4R-m_b8FXzjjlK7eEzdLLvi-1e3SDqtqfTyLXVXwyumneAAHxsEWCMzSc9ywE_tzvDoDKMkPYG4Lhe5HIKPNdujogeSSMDzOAnlGBQNLapGtUK7DpheC7jXfQFvofpZfH0kpz3yZbj54P-R881-k-2DOcI37gd_xkUyfGRd&cid=CAASJORoncyYFTNq5ExaK0ZsqEC5LXBIqgs03qYQPjT_16xmbCWnPA&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 19:43:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 3317
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSjwwTW-WwBu6na1tHV8vSiYIbKLoYF4lLkYnsUjbVbN8vYJnw258Cw2NbfBy5mVnlqaJEmPQJzfvX7MzM7lx1IZpcFP2w_t6Mb0mw4mr6r6JZVSOT9iv10-wQ-HC4ywJL-EzbtsnT3nVCcbSSOoKNfo5dwEiH3_ePHAHhoL4pshMe_gY&cry=1&dbm_d=AKAmf-AhfQRCY2cIrWiJk6mTuDQSOLrTXD95_wI6SKV5wx8h-bUtRVmpQbg7yZbd1Ds3u4qOjvuXiORHiTUxE0danIPJMScocYmZp2vV5LSSOYQtrBzClxGYhDtI7E_wNpeYPL_6alt_Ze7nC6FNqfTaDsJEWuYqa78s5JJamkCrh3aeFJZ5F8AT6G7VDG8YVWsvDeqTGH2_zOAXFKD9hMW149Z97PZDm_kyd1O6J26dm5a1m1xerBUXT1ax29qFic9FE8Km2GD86SUWDSyDKRtig4okaA0gFXr-2JhVaUZaAvNBxggqnhpAxIu1tXsDIg2WpMHBVRdk892SgIWjrLidnkF6H_UhgOI3jATnAvUkpayJCMCT94A7dPDpqHhPMyc2T7frXUV-nw0-rAg2EmfOvOC9Pv-YraQ3Z4LCDvdWe8ZVkph9Cf_k9BrXadRoZv2my1AwO4heoobv8cC9S3foj5_6B0ouQ7NPYB_1gC07TRNyWQv0GAL-ZCpO5D9tQYTuaotyVn4z9Nw8WmW61OiiveixRYBZqYkOm3zDJt934tMmVJ90NOIU3KdGtfSrXLrqqbcckkL7mXZv4-ycVqwfmwdHKTSnC-BjEV4DofYk02pxFCZz1IoV49gb1Ec5h8sKkEholRdHf1ruwP-a8ZQi_FicYNGxpU1Ud-BfO5G3T8CJaKj19CwUKEX2H-ylOT5NyUgPcHRBmz-xbhkX2PePh29m3t72FHG1ssHRqPdtwkt76wVZPBd7K0Ja1jBzzK0fAoYtHpvfvq8O2Wbh7jpQcRmxSXnZHjHCHuTjiKQa1L-JgHYwxlD4s6BeRMUKKH3We1hqEw8172Rpi91K8rxUDggtJ2D6mlL2ugTUTDDY4Hlg12IRLpCeyJP7wjgoJFTToAGoF8mLWvz7XfjTC_nnsuuzZ9gzUmwsDsVY7TdxYP9ILGPHiY6wEoP59aBZexlXNLuYeIfc-klUQ2oyp9M5wUd2LBk_yoR6DwN868fTTZHvEABo4WJHRnrvqN4PJCJQQJivOmvrJYw2h66COqMtzs9g-goHBHkNvqAMwPW4GBQhNzZ-hsrRzrpJgm0u1mlYhNOv0BPLjrokyPrhMMn8TTBZQHy4qtgBKcYemLXs1xt98t_QW3kAOD0TOtRG6fDb0fCDHaTVHb9Y1HcZJIVdx4ps5RyDn78sxgTMoBgrikgI-1jQ6W95-2jG_HYrtMFpS0ExeFefBPo9M4_UYhS-bBQfKNktkzV-OE8B73Kt7WHjVW4mjdE6_RGhPpTZ1FzHNhojW4hhfXZQVhxPyDPWPF7vmDa_zUzrznKdem8JSmIqLu1RAzzRlh0IpAoX-eEkTQhaqVw6oIzTJ3QkrLJeDScDBkQqVTL5N04wWmaP-fwsDTTSwWbO54QwyLoPIBar2aLRrGUQ1ReITBMOwQ8MeYsYRuzxXP5j09ldNXgePVCqzfSPbHknL2VpwVUptVUg_pmPRFP0avywztoILDuTOhd1cQ5eI0JAyG3aN2hn69l_tDkW2u4kbHmzl2LV2io9fGIuf4Gp01Gojr5WA-2FZgloAfgyOcezpIOr8jxj0eq48AF9bJcDzvbAsLRP4sjFhtJIzKaB0TfQTjfwI4dsjcB4VjUFVjFMZ2FuH2w0HNPZ5YXzkAAFgwrE8uzk5sh2Pso9cgEoIn_SQKYk53r4fwt-XPz_8ottMr5m5tgaggAfJ85JgmpDaZfv-UM3Wteb5GOs8q22DEmyLIc2qXP1unYHgCeqQq9hZtBICF5hwL2VmQcpPpalcKKcs6uK31Ur2hvgGamk99_0UICwyzXOofw0RgApPXY2Ypw0RJ47R79uUToi5uOtrckUJNqDpfJy-gygeNvJ0-vHqH29EKhok3VvVhxaejHEkRbTeG5MtHTrWRQ-XXNXyosmHe-plAuywIJawDdH8tT_tK8LYosKxWly2MbGXSU8FkFR8qX8BMEmLExgW8dy0xCYBewX8d0aReX1ICYRvut8UAKq-J6wu9yyu8x1LzIKLGxOIURjKx1qPpCAeeY-E6vzD_uDZ9p4YN7QMu_rqSEG8_uY5Qn0E2JCkDGTPdjA9Pln5wr1lBjbZl8bckvDGgxlsN33WBEQfKCDY-VKKqM36V33KJgcGTGKkfXE6qJf9IBTbaRpIgYz20l9QletYVLFyASVfjqqYm6QSOzdskWrNIn-DgtvqLcHhZGgP6mO5ixETheKmVUuE0NpfexTfsFXxOQKJg_ItHjgWMlEPmF23Ob4RD3RLKikN_5z0XpjDzfdpxspjquxdLEV_JBf8_dMnNg8hTKpijkvJHkWiBMoLcfcLRaheDimYqw8bt-Xyf1_38vzNRYP0M-4kQFiqIRgqU1P61buWnOTYoqwf51_3GaChyzQ4fsvg9abRb3op-LjeVf_VQyCScmoqcY8XMIZQnTHSSZC8tL_Ti9txVDqUg-kXF5gqlwrhIL4d08xKHIxHmCnj4zr9iAeOylFqBXcmc4erQrS5roSh9YmhI_2RscjWOnTIs07GvsblWsrgJ1wKXNEUJtVzND02byVhfvhQcws6TkEpobFy2hcTL0O7cDMS7Wl0x4wPewF5-bwFpTrZ7b9IrFO-yNTvNO10VqLjtASSDZ45zLllguTQQKXW3wtbvs2eM6T11XKaY-pWX-qin2PlG4w-oBNl_Ni-xGMFiu6pyXWFS5g5ipfsfYcTXTtLnCZYoG7pkVYbT6JjEJkYAASGpD_rBRAeYuEkl5hxG4K3CYLvCQed69JFgsz2y7IMaS4zY6fy4Fy2_OGNvDxBu-O-QeQf370i1ZA_da0-slc2gwlETUDDgI5YaeO51yf8MTFh4aL328hIg8nG5rip90vUJ-HjG_YX1695u30PH3K_iPcwFnoN_2sZylB4O2xahT9SyBc4eEjZhF-MNLZKz96GurE346KLrv8_Z4PC2UHB0HrJpMQbgrgtLQJD7OApThrBKsh1Tq2Sv16d2wHCtpvESgN4NT4a04fw2rfzmVjdobjE7mmDfkI9y4O1G0q16lqofrArjGiG-AueC0Xsy71tqCS50QUQnuqAwfNusP99I64N8pvZVWgyvQjijmaGmYf_Hk0PTZG9p57cHXC_WmgWYwkgEJ7rjrNKydA6zabJMVdYSf9t469kmfUvUjn5I9kjP07MhmwNecF5bcrpsHHyJGp6Qauz0YYwEHjepqSpuEtFieKwCzxQ5xNEtMPgczwKPPNoiZbKqLnHwSZiGu-nyQtUbgCjDrFsdB-1n2DoMyN822kA8s-MarPDsjCs_OeZTn_PCOmeW91oVNNL4BAI9gy99xUwSeYUFd3zvYovV0PzLcxmqAGk5EzpKRGeKZ0GBPbJn530h9Jtu1flDSNDkSjmP1tCB5JMesDIJ8AD4o_iY0ddYMBFparXG4b1au5b5BjIP7qYZc2nwC_s2BQRue-qS5FDf5wMsOa3i206zIonJRkdw3WvIG30G75rV46N4vplriV5MlSbxorOfXUjrDwYQLbjrTdBK9GwD0wtdoZc3QKhL5bVjni5RD4gFiDmEjweGbuD0Z6I4R-m_b8FXzjjlK7eEzdLLvi-1e3SDqtqfTyLXVXwyumneAAHxsEWCMzSc9ywE_tzvDoDKMkPYG4Lhe5HIKPNdujogeSSMDzOAnlGBQNLapGtUK7DpheC7jXfQFvofpZfH0kpz3yZbj54P-R881-k-2DOcI37gd_xkUyfGRd&cid=CAASJORoncyYFTNq5ExaK0ZsqEC5LXBIqgs03qYQPjT_16xmbCWnPA&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:30:57 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 3A4C
116 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 11:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Jul 2022 11:21:07 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A4C
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Jul 2022 02:39:27 GMT
vF160x600_SWISS.js
s0.2mdn.net/sadbundle/10468941064440532424/ Frame 3A4C
49 KB
34 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/10468941064440532424/vF160x600_SWISS.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f40592488e9d1e2f71142e473e9978d04ccb007db7587cfb43057b3a1ce2003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 22:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34710
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 14:50:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 22:15:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 084E
503 B
281 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNUDfUP8vNOn35ZjDGGcrpBw8lREQNOaCMrOQvBrik4TV4UqFY9G3MZnFqL3IuGqeSVBpEYd5gAG72En6G-pbzuGR8nXjTr3FRdRLuw5ISP_5QHvI5k
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
260
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7140
78 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABiZDXdx0ZkKYmmnFJatPj8UH3-zfR_Qo7I5FgRjSibqPOxTMwC4aRcbp9yhrXLcSAn6PGK1KLyNKPN_nTnw_nX3RH5GDuyS3QA97cUBjT4xFxzwaVgOhyrjklhByr3L6ioNFsxMRliMnSg3ojgxj_Aa_LLg&dbm_d=AKAmf-CHKWjRs3bLkZwp7ejU91eCJgiHqsxhwHZbW5TjWaR61r0dHfV6_Ddt6RQBRzp0T0hKjU3MKewOyR19m77dK4XXOqmsFFV-9hFLQTW-R41i658d7RIzqUYS-vWKdwEM_Wttj6CIBhGjg1tlFRMEnmeMJq0oxapAPawnIiiMyZI2Kz8dXHliZBDmkqUjbypc8j78GdfsqHGPnNYNJq4H55PbS-ZDSm3ZByTvtBeE6MYctJ7NVHrhAlHe3m-xtmI8HJtZQELqp61ynAggMjDmFaBuLcr0FSCl6u_RfZytJMkfJnGbvt9c0AdmPE-_IgEbwEjMPOQ323yI_e9a50fa5zywpjP-CWozNmBUP4BdMa2FRAE8b-Isq3_YAmfyZiW6kbeastrM_gE8NG7avQsfM3LswBbOADL_v3yDvZHIVNBg_6SJTLjVL-3_kmUl7BJrcb3Msm0C1t5UIwZyL-UAmhi28zpO2AvVbdcAraLoRq4NmLAPQVGjmregxCPnZ7NrbieDDx9d5QZp-azAcSl-EufULYUCS1QZE1NAjH0NGDiQYegEkfYiID5-5xEAypEY_fFkbakIsmNtZvzYmtgSQV2hkfqk1XYfjUABOjCOuAKRNECvS57sHq0cyPQettiGVAbDqc7w3reGqnBy3ULDHwVMyYgSiET7yYaVzJPD2GvjZSSlJDBHeUa_24qnEPLyF0sBwRurycNR9OLbQK5X1zu_muRiLLWhsYXWOxPgMhYGiUawe9AAGoNTvy-K0FAo1wsYKI4sEOqKzspLDP7WT_5o8Az8T0XxbaBnZ07eM0_p5kl9bQEiVeCHNve2ZUFJplFVDHLlfakF_gRxF2utCZwANMHQ5UHhChRthkTlVHE9GYtrKaK-i1NplyZqJ3tbWBccbKgoOIF79x4cHv93XqJRc2Mgat2IQzmPXH_3k7HhgiZCLSb7XoqqjBpIjQyBDl6dw47xrHE5z4MrhdevFde0bxLHS9Zf4kCJwtXJ6E7jCMknoAQ4JwFJ__kqDor73tMKQufw1bg7YJGErgdgDB9xZ-xMDUhfxxmpRNvGKSxQdMVTpgJU9gEu-16MeaiXenumY1KUeFoUJG0vnqZ_ehX1CgoyOWd46wA_e8_oBfKZSWanSeSJSw3UtxuCOLW0mXPYB8nqKRog4rA-4YV85qe69fn41t33mtKizpaGzh5p5caLfOHAHPwcOjd_RfKzeYbsygX8emrzV_CrBL78ThFmGXEm7OqqGiAXHXA377uglOa3NN57JDsYzXSUwms2Lm3DwwbLxeHvNa492YB5QEPku9-VHg4JxGnYt4iHfTsPNhFTyHDx3oyd4pveeREsPJ1h8xTQlGSUckRic43WHuuTV_9--aq6E05Jul-8h75wzKrvL-rR2g8NPu5jCRKzgRvVucOA12BAQKHrg5ny5k6jLKktDrT_bkws4I4q5dI-vl1mxVQuTZ0JOMF9vBBrWIFrpgAudzWLi6dxrygs_IjuP2f21l2LGxTQZo2T41c4JpEEMQh-P7_qhYzC-AgMwpmRZ797EdeahDXrQ3b55duUZavf35tnA9UQgC3yxYmvaRjEDh85BCvaw5mSIZYO_wCed1r1ylht7_Ed3SxG5oogrQHQMnTQ22MXuPigt6vV6RPD3Ye_yTGLQgMNRgIk3mL5HcH9WnDwNcJuosOue_NPp9UyIBUBby-TxHvPbyLatJeu5K8v-Y_KhUDdLJrr24JOElNz0vVG_0G1uoHYJtDcv6WDRQfMvhs5wTFgUccz0rDLaFjeW6akeZWnChoAI4SGNswdUlPvLeOyPUWsm_9O2OUZ44US8jUjigTUhYiBpxLGtAV5W-nzHKGX3k3kq3DmDp1yHVzrDknepN3Erv7Q09wT06di6sMSM1Vxau17me4MUJYJC92F8sfDArujwOrK-AOmjkz60BtewcDsF2GwSPNej6IfqnMlgcBcJG96zZLo8PQSEmUj5WMbEKFuHkbvRv99h3TtFaWssRKrlA98Yq7IAZ7l3SDpF0lB9REvUJhT7D-M4eBt8YwnzLs0ThVYzcle-GUu4VP2QqUXH1xUb6Gizma39tVUGiBake82NRiDpExMXILbkUdYFACPXWw8rGJyeaj5azaEyIGCMn91QCArJUs983hyfkrfw3c7xbeMzKDCLGqtmtfC-aLbzCm63mLqoqLgGKmEmMlT-88XeTSH06rYbtnTntJwnQHANC2UHyAA9WFDj71jVu_vNBVu6NEtsXC6DSuZYfrkmA3KmdT5oUOFX3PG-3Z5u83K_KV6aXpD-zoV8VwqFRbxnRY-M4so9Iw_Po4zys6W8G_vKHTtPzIZRfIywRjzEM5FlD-SpptDRkPCW8IQe_6u6cFjuVOrtR240rjxL-FFKvqCStfkVskeqqA77tJF8i_AbLf7R3HuMikCKYbzk-AO_XzxlGjLQiAQbVPrHXf9Gug1AioV_cGrFZ2qUOqA2KOxIFX-rN338OjbfxHoyM2jyDLVWciPR8vpQLMtnfh-oU4KqD7Jhey0YQk29C7ItDVGgIrVVjn5fuxEF8wsA6hglF_D2OMe5mVO5LCXzl1tfj06a9nmQIR-NM9ENFbSG67t8mTXlNxSY0wgiKH9ZYf8eP56CbfeRSpbePQg0m_NTut_HsspKaA9JsaWvzDg58PzNtAUo306NpVrNrBq19NG-PiUTR6U-VgKlWKM9jC_ud1IDZ8_3prL1d1hrOolyJZyyIhRlxZOJDsmJKHG6gRXpW_A2paWjcBIRvBAeBtIvueOPLoKtABoyoY84K_3jZtp2qMC5qDO2A7dUKa3Sho-y48U6SvM2ZzMnLyNhEYqHIuosbdkh_JNvmWtZ6i_EziPmVbBSgwnM8MmJ4Asi7uqVUVQQ30jb9yXSCmq1SUrKjlXyo1tZfQsxSO2XYGE_TgBSjjsnzgy__FDQUr8Xllq5suX_KTdWbJLBHzS6LB-oZWHL6xqkpd8kYHOzQJuYdmfCKYNSsx14sU6gLPJsZQ_2FIOXLl7goPtCnsmbhNYtP7mV1cNVoOycPwi_JXiGRwnsxD1pc0Po19VNG6DoZ0Fn7itHRs4mM4vgybjitKqIEhtHL2hPSQ03quubErQoOgCdvZWL_dmB9rjzYfviLh9E_Wa9o4M-rTvGDcGGRUwKRdo8jmbwg7vf-cXXk8NAoxFcCwTGGb-5EiyBOh6ch0LRI2PZZnoUsRMoKjk8qcLL2YYlo9IRUTdNWhQjL-J_VbPcaU6x4kdkAXV4cNVoO8G4uWEwxn0bznVbB4trlS6aWQy7OQxumdCG7k9KpmJz6SpbaU55zUc69Akt4QJtGk2YnJUKqOFJAlSf2UV6Jh4KAfa88cxJ-I_pno-OWy_zw2Q7EHs0wiAww14XqPbLxqbHvXI0VGcts5VMrQKQziKB-TC47PgW0B2gMhqV8tY_SkURwcF1u_PKwTMkHZUp8AYnVBLjGJm17WoEW1qBCI3lp9TFev67XRrm1F32zb5oGK41zoTPAd7EJLadc0B2y1fFmXXftnNBzbeg51mxbIx49-eJarDD7qCM0-8uA-YEpcE1VcXfCAENMl6ZYb2ItYYDn0KE8DcUfRY1JVsWQjU_s4EbzrZ0RbrIlx4kINu2YMfGhokpP4bL9kNbQelMG5nB36ciLZ8iIGQ4a5RlUoVZTgDQslnovCQwTjk7J_RgrKIOznDdZJmWoEp7qbcvlJ_mOxwXJ4b&cid=CAASJORo4cTYu7rckA_S9drZZlCOkwRboxU4A_GWgE8erU5ZYJf7Bw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9319cb4af53d49e9dfaf627048b9c09584bae2798dbf5996db792476d86e87f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33344
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7140
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B68fWsIm0I_bLXnem-SDXx9YBwOH3V1gQ5ej9FKDRoIIcVcfFems2VXtGEHkiyGpHhX_DJKEVQbcRydeeBkSIqVn0j9SncjFG91u8Q1uJ3Zmr1jkc
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7140
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
835
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7140
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 7140
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 01:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2863
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 01:51:44 GMT
sca.17.5.12.js
static.adsafeprotected.com/ Frame 1DEA
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ce00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
4298694
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
riL8RHYt_Obxldn6YzW4BCUoEMYP1_S_iF8-ifCQj0Tn_JzBB0BMgA==
mon
pixel.adsafeprotected.com/ Frame BB59
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=930701&advId=5761340&campId=49720581&pubId=1&placementId=393280247&adsafe_par&bundleId=&dealId=&bidurl=https://subject.com.ua/&adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdb3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdb3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7c2cc259-6959-55cd-5e84-c825e2b2eac1,c:hsnnBU,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-rw9jd,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:341,fm:taG00ii+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1b%7C1c%7C1d%7C1e*.930701%7C1e1%7C1e2%7C1e31%7C1e4%7C1f1%7C1f2%7C1g1%7C1h1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:357,oid:b04abaf0-fc0b-11ec-b575-62f9a1a086e6,v:19.8.319,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.241.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-241-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame BB59
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=7c2cc259-6959-55cd-5e84-c825e2b2eac1&tv=%7Bc:hsnnCx,pingTime:-3,time:395,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:356%7D,%7Bpiv:0,vs:o,r:l,t:394%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:395,n:394,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:356,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1,1~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:o,t:394,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:taG00ii+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1b%7C1c%7C1d%7C1e*.930701%7C1e1%7C1e2%7C1e31%7C1e4%7C1f1%7C1f2%7C1g1%7C1h1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1331:3de6:525d:5ddb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame BB59
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=7c2cc259-6959-55cd-5e84-c825e2b2eac1&tv=%7Bc:hsnnCy,pingTime:-6,time:396,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:396,n:394,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:356,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1,1~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:o,t:394,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:taG00ii+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1b%7C1c%7C1d%7C1e*.930701%7C1e1%7C1e2%7C1e31%7C1e4%7C1f1%7C1f2%7C1g1%7C1h1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:subject.com.ua*&br=c
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1331:3de6:525d:5ddb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3317
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 11:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 11:50:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9352
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
47595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3317
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc9a1e41bfcaa09345ca316d5da548632892354bf40b4b3ba69b5a21d40fff4a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/9268526312242492323/970x250/ Frame FE71
11 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac15f8b0203ec1716d5f6582a32002effea867e56808a08901c7ea26c2e3348d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
325336
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3618
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 08:17:11 GMT
expires
Sat, 01 Jul 2023 08:17:11 GMT
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3317
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstR7MTKoUgRs8FTdjzsi7wq47FLL7pFgVYAuP5odrS8B7d0X56khPxnwwah-ugeLJBBB1-sTQUk0ySF1pf9Jhp36SVgAlVKRl-HjwJu4UFAPCsfOQtnh9_BOUx6gxN_wPPm1FJ63rwDoXp_Xo_R7SBNJbfbMFrF5znPVnOQ58sQHyJ8gZjg4F5CBZVzAlIDrDEyvZHuSBOzR9gFaYa68lK_TwVWmGiXmG8Zr2Ghin2sKgp1A-HWXF8HwfANKLMrtbCUHVaNOvvdnX-WVs624Kncvs51xWE8CoZj2092w_i0AzHc2_GFplUs79_lWiv8LXicGuBCTt42i-_cejR_X7wteZzw-dfhER5g4h0ZgbP4H9KJkWyrZ_ndHtocEAnHTI6neUz7HZcDpX84l6ycED7rxB0T7uXjfgTVq96gqg709CJP242dvafLBJ1cNW1ciV6c6f0KeWjaGfEzZYm1S93A-XlsWZLRBwo_95G4-Ra8ehypD9J0QkSLX7ghm28bfKOey01ssefF6ggnhuojxCm46DqTbrsUOVVBgccVKZM_vOy5Hqo2mLyhzN2VSVR7vvD0L5ygGawT5Y8dkRwsa4znRryudXIg8XZki5zykN5YIY98jDqCNiJQ9GbB_Oat0r79yj9psPzDNebDRERsqI4YGXSWn-VrA-PgkU-XhDCt3de9JzU9444-EWuMX6h9U2Fw-CNV4-X-EX21OLsXur7njNq7A9zqGR7mwO1rvqOAw7v66p-twH0dM8NwexjeRvELF45cxfte4pshgYD97rbVDMsiWrdZokTtd75duhoEDlk-ZvvXH2IJAgkmFnjaO__ZhhAHdVsQLdEzMQicfe9jrJCb_MQkMnOXq7wMzN7Kpq87sN3F0fK0zn94ELiEIqfsKfLSw2UMWegt6wSKqYFypqi-T21FrQqAOkLk3oK7Ss_lJjyLqAQaeA6tYmSQVq8ey1SRVwMwXIhRyu6Sn3c2rnD0Bd9LhXTmBss9X3glXqNmtmYN61a79u3okvvs6cNwgXKjBEEYAt2rHzKtREmH2-JASvWi6SOBD1lEd2fxaeUHJFgchDvHLE3HO6B7-UaSZDMpGkAPcqnKP3jFOGU0HEc9SoODSRwzfx2HvIEJ4ju6YWuGh7wq3T_xTCMkCmFHHUAIow2BE8g81G0cardWQ01q1nadCEegdh4ukDcDJDqlmHRuLi71Tvxhj8hPRn9jX3CdZ20LPVU&sai=AMfl-YRU8DQM2NyFa8HYEk0V-qtXBR25Yrh96JzGXD4rm7aVqk6Tgpiw5fuvFGdsCTbW-sPWRiNfXysEVrA-3WbTxfLGXHARhbQP5DBaQIQCbj2jJeYwgrcmYr6ycsv-dLrwijsuMycIHaC9SOuNDc3xiHy75fU-i_2N7Z_DpsAPYZtBIROFsE1hPRO8iaz1SmHBWg2lMExyfg-VnEAtcdBirw&sig=Cg0ArKJSzKBr-zs80Iw6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=162&cbvp=1&cstd=159&cisv=r20220629.36608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 05 Jul 2022 02:39:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame BB59
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=7c2cc259-6959-55cd-5e84-c825e2b2eac1&tv=%7Bc:hsnnDw,pingTime:-2,time:456,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:370,beZ:371,mfA:710,cmA:712,inA:712,inZ:715,prA:715,prZ:721,si:727,poA:727,poZ:738,cmZ:738,mfZ:738,loA:766,loZ:768,ltA:825,ltZ:826%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:356%7D,%7Bpiv:0,vs:o,r:l,t:394%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:456,n:394,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:356,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1,1~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:o,t:394,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:taG00ii+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1b%7C1c%7C1d%7C1e*.930701%7C1e1%7C1e2%7C1e31%7C1e4%7C1f1%7C1f2%7C1g1%7C1h1,idMap:1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:98,readyFired:true%7D&br=c
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1331:3de6:525d:5ddb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
vast
bid.g.doubleclick.net/dbm/ Frame 013C
31 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BK9LpK3O29Kpfx9LhsiKemgQCdoXLDwnFMyr5ZzeYY86ehqLo5VK5MBLpeD8dSi8YTcab0ms-jtO4AKw2KRhil8ZyRxw&dbm_d=AKAmf-CFRsq66z-RGCROKw_pi032uktPlnGmSfFJa3WlHRoctCIewxyzq_rAIvuRfD1YwUbuGWwx2BAOXp-d-VBSlygNjZf183n4T2l_xbAT1YZqOV0vOPU-KSIUxHG13hj5XNKvRuP8-dNj-SkIriek8MVrt8Ym0oWC6A65ANG2e20g9wNXQI3qnIkHUEynSY45RUUu5VH4GZuoeSW4X23kmElIyO_qCaI9FrM3bGmuxgMpKMfDThGHfJKmzEm3ONvJfgqONIYKRo-WA-zAimTquTWQpLWoquMOmWil9VIhNDGdLA7cr_YyOMaknE6GHY1VWfPeJvbLuyqPhrTpYQ0SZ-PahLwtQ2aarq8r3PMGYaqZ-iCz9FEXnL3_cnE8WpurBj7t0nqM2k5C_pCd01sDdYMXpk9OPbU7yYWLSQuUheFE3eKhiVXbLaBMVUSUDlVP_w_EzoPlvZo67skyF45wGAtkdJRX9cm2SDuWgCs-MdGAJ89k3LqYWaPmNTyt4sDAljbdMnYn3SS1k644OBgEdfMl8pqtleDqhvhkp1DFcSj8gJLImmn0ZV2q_RyE9l2i1bAwFDHePe6HNofJmZBRrNh4UcGZel_KZ4TYVE3d-XkX2XylVxLxxW7kZaz_Tjh2Z8sWQhIT6IgydzBH5uz2OaljcO3_BwTZ_BYkNJX3XRywiGQHmS_ZNyGclOSW_iIq10CnMStD3iY2X6w3S2KQ3clxM2AUJ_BOCSb6I56yVwtYa2_QnPEUNlmBxEkbRnHUcJstNgQPQe-o4jK-WKhmQ0hYNy452gY3A9qwV0AfBC46Ypv0_AxBab8hdv867QsI_OAq8u3qZLzlreNbUNza2DSr5kNlxrp4Is8-0tty-PAvLxrprhxLNdsGyXX-UOeseFirMqUeOPnTHbwCgrKkyZDlYBBkXZRk5AsktTHz6gz7e6MY7RaqbTroBoSygj6zwhfW2VuwuDOHTBjGwi1D3HlOlIhkDhEy0q7wmedSxOonC-7JAOXvfy6aUqgd8Dsnf4noIm4ODLqMao8YL9BvgUFq2SQUgQMjqtZ00U4Po1r7tc0UZ_mMaFz5bRADjUg7Gt1HOBalslaP7ml20gtOUNQ2wDaxIf64O5CWpaNwU__YGu9vgQJHB_XYRUIcuG40SpiOFmE2iFVI51_4k-k5a7Pa6goxzycIQ87mTsqn9FakCD_kBouI3HL7ygavRgWRz5E1ay6s2ddfyu53FMcIkwGu3mMzFultxe3fcORQw-eEMZqRykb5av_4fFmilowVgg83eKCQFNXQWdfSTZx3gVPfAFtznkQYOHpJMYG-OSQo71Bc4Q8Bcgv78TDRZaImGhZxnns2dq4xaZoTdtMQlYPQVStnkU0QhatZsAZmaVOO32LieOP3qiu7X8e1w4K0QkOTebagbv7EgFGPUOMs85eKR-pBBugFak4Hd6tVt0HN8BrB2R0wSxnH6NWOh6p57yvDrcnuV8RkKAs3DIjyU-HfuadLuU2YcvmIyM_KNT_yxk3-tPLK5c0E7zoeZydEch4xSnRyhvKbs3NbgIxBVQi1MB8_V6tM3yOVERTF8bc56qB_2rG0SoeA0DaJxGsKZ0ZGLZd4IQI45FIlqXTjJfvQBNNc4GrUqw_2ItwX7SxWuFAQH1-RidIqhK1VgZExpOjJJ_s-l5bOdjQbIvsKIO4RoMeqi-S7RZh6CXMKPGbjEfuOU4KIW3y5nblh9XYJa4f9emGe8v4GM9TaAJpxTlL_-RDnWmnwflNZwiFRA-4rnKp4ExZLS-kTI1BFs-pHrN_NXz74RwCyTuLq1jY-gZI0JGiM_Sj7_iu-9NNraT1-KQ2KSrvuh6YfhXeY_1JIK-TJjSiokqrd5cwuwno8y9TW-ZfXXL0vrgmstthl-wr7yWjnMF94zL7FIHHQRKsOQXFOMUY42PgV4it1bdcF29n7Rtndk5T9zjbkUbwafRHZIgORWJf71eC7Xlf12S2BoMeKgPhCficqUc-YoH6DwcJGJ2Ipo-KFRVlBzttlZl7WXmOfr0wGnoEdM_N5uEy9z4i5WEgSHaJVXL4H_-WhaFh0Vj-n7XCZ_vyej-Y9qbv2vKJUXf3ewvHk5Xuyd02HTPuAgSE6vvGUa4wmsBPiGI7O-XKzqlLbSiI6J8mFLw_MBP41zgQYxQg1WjPCEUgySuKu8dGSk6DEsiIExIP5ZZX9C8Q9WfT599XVDoV99TCuv_O3B-jhFEtiMK-pe6BaYzz24nn2SLva11P7oj_19qnJ5R-VZ-fKGjjqbaE59CD-1eTBmAacgvlLYE1GslATGkuPlC36zCLS-iHidjiIClrhrriWZiODPoKUxCU3IZmwx8alMIg7DhPg5exRDysXgEynkUJ2Uh1C7FfCPumVgSZx_0kfzo04CzN3LT4BwkCn8OElAp6zpw_J-UQBt43kD_fBBios8H_ahe688asn71o4FoBvSDHP2ScFNvdW4F3Oa1BM55UEzdekpiYE4So82NyQrVQiQnFgxl3BDtX_j9LHT5qXldD-jRKFXf8tFNh44iraztDkegsuVGMLJD3FDv1T7B-r4wwc_M0q75GAs_0p0XmJI4mVqq_1Ghb6-xB6iq34K-qk_5hErHP0O67KoLEUPShDQKeCRgtCy7YOQF5e-8G_2hTxLKPil4e-vgsZsfy3MYG0cnfkaCbf_LTLPa_zH8d30_j5LKt-FmNb63rK4p2xZ5XK9JKQtWf44fjnichskUzTbevx0_-vuCP_uq_unohN2JtiBS7gHks6cXfulY0SrLoe3o5o8XZbtVSN3VrxeC6xLcPUTrox7sah1TFBmxwSG0T3jzFm2hSJlTswPqRRa9evT9xvvQh437mFNCubwsy41BCv1_GiKKjZS7Sga1NGxc0hNSP0CvOZgApvH_-h8074LIEb1BrQEv7zk0ppbZstnGbw8eY2ToP58b6eqflkgUrKqmtcEvqTLYnb-h5CgAROhfflHiaHXhMdya_wAAk3eo8EXIQqH8i_1xWN1RYm_Luv55GkwxEJGMg_NqwhjdR4efBNjaDEE33UBCqO-bHfJTKV2TRmgL_YGlBD-Ni-ofgBRRD7q8aGpcKPWDqDavrVEAkIztx7ED2AW9E3gp7nDYDmVgiSH7Jc5lPTF16sDjq3j2987vjmZwxRIG9hSypJ_iExFdTtAOVTn07lvlnFjxiChnJxbdzsKTmnApFuxRNrPFCiz0wIlbdU360j_e5OT1BC_iPRjb0xOizG-nqaWgdCGmoX4rxs2a1gwvYpK_0YisDyFyEjlqllgMjunSZ02oZs_PQZlD7HDRRQOMgvqilt9ZmltyCUW2f3So653w2zIqTQ9A5OB8I0_InKZnrqUHTkLtIwoAiTA8Gn20oKlNKHV1A78z1lfFydEh6fb3-VmuIr7LHek-7mRcU5iQ&cid=CAASJORo9kByNQxC3l5deFp943djSotQTE4ScrEOU0uZf4_28dkoag&vpa=click&vpmute=0&sdkv=h.3.520.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&gdpr=0&sdki=44d&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.520.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Ff2982a04-1d58-443f-92d2-f1a0fd5f109d&sid=188AC43A-026F-4617-A6BA-D7AC0CFA2ACB&nel=0&eid=44754420%2C44760950%2C44761692%2C44762904&url=https%3A%2F%2Fsubject.com.ua%2F&dlt=1656988764872&idt=1541&dt=1656988767969&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f155.1e100.net
Software
cafe /
Resource Hash
146bf0a1dc3487c76d22ace07fdf3c668f7111c5eb4167d203d22643827b7287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16167
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 084E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEJ9ma6h-eYX7BH_i0cDIP6Y&google_cver=1&gdpr=0
43 B
183 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEJ9ma6h-eYX7BH_i0cDIP6Y&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNUDfUP8vNOn35ZjDGGcrpBw8lREQNOaCMrOQvBrik4TV4UqFY9G3MZnFqL3IuGqeSVBpEYd5gAG72En6G-pbzuGR8nXjTr3FRdRLuw5ISP_5QHvI5k
Protocol
H2
Server
2600:1f18:612b:4264:ca97:405b:dadb:b691 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEJ9ma6h-eYX7BH_i0cDIP6Y&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 084E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGIhIjLaT-DxXGgpvuhU88w&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGIhIjLaT-DxXGgpvuhU88w&google_cver=1&__user_check__=1&sync_id=b0c7f50b-fc0b-11ec-9505-1fd522ee0206
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGIhIjLaT-DxXGgpvuhU88w&google_cver=1&__user_check__=1&sync_id=b0c7f50b-fc0b-11ec-9505-1fd522ee0206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNUDfUP8vNOn35ZjDGGcrpBw8lREQNOaCMrOQvBrik4TV4UqFY9G3MZnFqL3IuGqeSVBpEYd5gAG72En6G-pbzuGR8nXjTr3FRdRLuw5ISP_5QHvI5k
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
17
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
nginx
Location
/partner?adv_id=7025&gdpr=0&uid=CAESEGIhIjLaT-DxXGgpvuhU88w&google_cver=1&__user_check__=1&sync_id=b0c7f50b-fc0b-11ec-9505-1fd522ee0206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
79
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 084E
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjBjMGE0NDQtZmMwYi0xMWVjLWIzODQtMTU1ZGE2ZmQwMjA2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjBjMGE0NDQtZmMwYi0xMWVjLWIzODQtMTU1ZGE2ZmQwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNUDfUP8vNOn35ZjDGGcrpBw8lREQNOaCMrOQvBrik4TV4UqFY9G3MZnFqL3IuGqeSVBpEYd5gAG72En6G-pbzuGR8nXjTr3FRdRLuw5ISP_5QHvI5k
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjBjMGE0NDQtZmMwYi0xMWVjLWIzODQtMTU1ZGE2ZmQwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
129
Connection
keep-alive
Content-Length
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7140
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Origin
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Jul 2022 08:39:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 7140
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABiZDXdx0ZkKYmmnFJatPj8UH3-zfR_Qo7I5FgRjSibqPOxTMwC4aRcbp9yhrXLcSAn6PGK1KLyNKPN_nTnw_nX3RH5GDuyS3QA97cUBjT4xFxzwaVgOhyrjklhByr3L6ioNFsxMRliMnSg3ojgxj_Aa_LLg&dbm_d=AKAmf-CHKWjRs3bLkZwp7ejU91eCJgiHqsxhwHZbW5TjWaR61r0dHfV6_Ddt6RQBRzp0T0hKjU3MKewOyR19m77dK4XXOqmsFFV-9hFLQTW-R41i658d7RIzqUYS-vWKdwEM_Wttj6CIBhGjg1tlFRMEnmeMJq0oxapAPawnIiiMyZI2Kz8dXHliZBDmkqUjbypc8j78GdfsqHGPnNYNJq4H55PbS-ZDSm3ZByTvtBeE6MYctJ7NVHrhAlHe3m-xtmI8HJtZQELqp61ynAggMjDmFaBuLcr0FSCl6u_RfZytJMkfJnGbvt9c0AdmPE-_IgEbwEjMPOQ323yI_e9a50fa5zywpjP-CWozNmBUP4BdMa2FRAE8b-Isq3_YAmfyZiW6kbeastrM_gE8NG7avQsfM3LswBbOADL_v3yDvZHIVNBg_6SJTLjVL-3_kmUl7BJrcb3Msm0C1t5UIwZyL-UAmhi28zpO2AvVbdcAraLoRq4NmLAPQVGjmregxCPnZ7NrbieDDx9d5QZp-azAcSl-EufULYUCS1QZE1NAjH0NGDiQYegEkfYiID5-5xEAypEY_fFkbakIsmNtZvzYmtgSQV2hkfqk1XYfjUABOjCOuAKRNECvS57sHq0cyPQettiGVAbDqc7w3reGqnBy3ULDHwVMyYgSiET7yYaVzJPD2GvjZSSlJDBHeUa_24qnEPLyF0sBwRurycNR9OLbQK5X1zu_muRiLLWhsYXWOxPgMhYGiUawe9AAGoNTvy-K0FAo1wsYKI4sEOqKzspLDP7WT_5o8Az8T0XxbaBnZ07eM0_p5kl9bQEiVeCHNve2ZUFJplFVDHLlfakF_gRxF2utCZwANMHQ5UHhChRthkTlVHE9GYtrKaK-i1NplyZqJ3tbWBccbKgoOIF79x4cHv93XqJRc2Mgat2IQzmPXH_3k7HhgiZCLSb7XoqqjBpIjQyBDl6dw47xrHE5z4MrhdevFde0bxLHS9Zf4kCJwtXJ6E7jCMknoAQ4JwFJ__kqDor73tMKQufw1bg7YJGErgdgDB9xZ-xMDUhfxxmpRNvGKSxQdMVTpgJU9gEu-16MeaiXenumY1KUeFoUJG0vnqZ_ehX1CgoyOWd46wA_e8_oBfKZSWanSeSJSw3UtxuCOLW0mXPYB8nqKRog4rA-4YV85qe69fn41t33mtKizpaGzh5p5caLfOHAHPwcOjd_RfKzeYbsygX8emrzV_CrBL78ThFmGXEm7OqqGiAXHXA377uglOa3NN57JDsYzXSUwms2Lm3DwwbLxeHvNa492YB5QEPku9-VHg4JxGnYt4iHfTsPNhFTyHDx3oyd4pveeREsPJ1h8xTQlGSUckRic43WHuuTV_9--aq6E05Jul-8h75wzKrvL-rR2g8NPu5jCRKzgRvVucOA12BAQKHrg5ny5k6jLKktDrT_bkws4I4q5dI-vl1mxVQuTZ0JOMF9vBBrWIFrpgAudzWLi6dxrygs_IjuP2f21l2LGxTQZo2T41c4JpEEMQh-P7_qhYzC-AgMwpmRZ797EdeahDXrQ3b55duUZavf35tnA9UQgC3yxYmvaRjEDh85BCvaw5mSIZYO_wCed1r1ylht7_Ed3SxG5oogrQHQMnTQ22MXuPigt6vV6RPD3Ye_yTGLQgMNRgIk3mL5HcH9WnDwNcJuosOue_NPp9UyIBUBby-TxHvPbyLatJeu5K8v-Y_KhUDdLJrr24JOElNz0vVG_0G1uoHYJtDcv6WDRQfMvhs5wTFgUccz0rDLaFjeW6akeZWnChoAI4SGNswdUlPvLeOyPUWsm_9O2OUZ44US8jUjigTUhYiBpxLGtAV5W-nzHKGX3k3kq3DmDp1yHVzrDknepN3Erv7Q09wT06di6sMSM1Vxau17me4MUJYJC92F8sfDArujwOrK-AOmjkz60BtewcDsF2GwSPNej6IfqnMlgcBcJG96zZLo8PQSEmUj5WMbEKFuHkbvRv99h3TtFaWssRKrlA98Yq7IAZ7l3SDpF0lB9REvUJhT7D-M4eBt8YwnzLs0ThVYzcle-GUu4VP2QqUXH1xUb6Gizma39tVUGiBake82NRiDpExMXILbkUdYFACPXWw8rGJyeaj5azaEyIGCMn91QCArJUs983hyfkrfw3c7xbeMzKDCLGqtmtfC-aLbzCm63mLqoqLgGKmEmMlT-88XeTSH06rYbtnTntJwnQHANC2UHyAA9WFDj71jVu_vNBVu6NEtsXC6DSuZYfrkmA3KmdT5oUOFX3PG-3Z5u83K_KV6aXpD-zoV8VwqFRbxnRY-M4so9Iw_Po4zys6W8G_vKHTtPzIZRfIywRjzEM5FlD-SpptDRkPCW8IQe_6u6cFjuVOrtR240rjxL-FFKvqCStfkVskeqqA77tJF8i_AbLf7R3HuMikCKYbzk-AO_XzxlGjLQiAQbVPrHXf9Gug1AioV_cGrFZ2qUOqA2KOxIFX-rN338OjbfxHoyM2jyDLVWciPR8vpQLMtnfh-oU4KqD7Jhey0YQk29C7ItDVGgIrVVjn5fuxEF8wsA6hglF_D2OMe5mVO5LCXzl1tfj06a9nmQIR-NM9ENFbSG67t8mTXlNxSY0wgiKH9ZYf8eP56CbfeRSpbePQg0m_NTut_HsspKaA9JsaWvzDg58PzNtAUo306NpVrNrBq19NG-PiUTR6U-VgKlWKM9jC_ud1IDZ8_3prL1d1hrOolyJZyyIhRlxZOJDsmJKHG6gRXpW_A2paWjcBIRvBAeBtIvueOPLoKtABoyoY84K_3jZtp2qMC5qDO2A7dUKa3Sho-y48U6SvM2ZzMnLyNhEYqHIuosbdkh_JNvmWtZ6i_EziPmVbBSgwnM8MmJ4Asi7uqVUVQQ30jb9yXSCmq1SUrKjlXyo1tZfQsxSO2XYGE_TgBSjjsnzgy__FDQUr8Xllq5suX_KTdWbJLBHzS6LB-oZWHL6xqkpd8kYHOzQJuYdmfCKYNSsx14sU6gLPJsZQ_2FIOXLl7goPtCnsmbhNYtP7mV1cNVoOycPwi_JXiGRwnsxD1pc0Po19VNG6DoZ0Fn7itHRs4mM4vgybjitKqIEhtHL2hPSQ03quubErQoOgCdvZWL_dmB9rjzYfviLh9E_Wa9o4M-rTvGDcGGRUwKRdo8jmbwg7vf-cXXk8NAoxFcCwTGGb-5EiyBOh6ch0LRI2PZZnoUsRMoKjk8qcLL2YYlo9IRUTdNWhQjL-J_VbPcaU6x4kdkAXV4cNVoO8G4uWEwxn0bznVbB4trlS6aWQy7OQxumdCG7k9KpmJz6SpbaU55zUc69Akt4QJtGk2YnJUKqOFJAlSf2UV6Jh4KAfa88cxJ-I_pno-OWy_zw2Q7EHs0wiAww14XqPbLxqbHvXI0VGcts5VMrQKQziKB-TC47PgW0B2gMhqV8tY_SkURwcF1u_PKwTMkHZUp8AYnVBLjGJm17WoEW1qBCI3lp9TFev67XRrm1F32zb5oGK41zoTPAd7EJLadc0B2y1fFmXXftnNBzbeg51mxbIx49-eJarDD7qCM0-8uA-YEpcE1VcXfCAENMl6ZYb2ItYYDn0KE8DcUfRY1JVsWQjU_s4EbzrZ0RbrIlx4kINu2YMfGhokpP4bL9kNbQelMG5nB36ciLZ8iIGQ4a5RlUoVZTgDQslnovCQwTjk7J_RgrKIOznDdZJmWoEp7qbcvlJ_mOxwXJ4b&cid=CAASJORo4cTYu7rckA_S9drZZlCOkwRboxU4A_GWgE8erU5ZYJf7Bw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 19:43:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 7140
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABiZDXdx0ZkKYmmnFJatPj8UH3-zfR_Qo7I5FgRjSibqPOxTMwC4aRcbp9yhrXLcSAn6PGK1KLyNKPN_nTnw_nX3RH5GDuyS3QA97cUBjT4xFxzwaVgOhyrjklhByr3L6ioNFsxMRliMnSg3ojgxj_Aa_LLg&dbm_d=AKAmf-CHKWjRs3bLkZwp7ejU91eCJgiHqsxhwHZbW5TjWaR61r0dHfV6_Ddt6RQBRzp0T0hKjU3MKewOyR19m77dK4XXOqmsFFV-9hFLQTW-R41i658d7RIzqUYS-vWKdwEM_Wttj6CIBhGjg1tlFRMEnmeMJq0oxapAPawnIiiMyZI2Kz8dXHliZBDmkqUjbypc8j78GdfsqHGPnNYNJq4H55PbS-ZDSm3ZByTvtBeE6MYctJ7NVHrhAlHe3m-xtmI8HJtZQELqp61ynAggMjDmFaBuLcr0FSCl6u_RfZytJMkfJnGbvt9c0AdmPE-_IgEbwEjMPOQ323yI_e9a50fa5zywpjP-CWozNmBUP4BdMa2FRAE8b-Isq3_YAmfyZiW6kbeastrM_gE8NG7avQsfM3LswBbOADL_v3yDvZHIVNBg_6SJTLjVL-3_kmUl7BJrcb3Msm0C1t5UIwZyL-UAmhi28zpO2AvVbdcAraLoRq4NmLAPQVGjmregxCPnZ7NrbieDDx9d5QZp-azAcSl-EufULYUCS1QZE1NAjH0NGDiQYegEkfYiID5-5xEAypEY_fFkbakIsmNtZvzYmtgSQV2hkfqk1XYfjUABOjCOuAKRNECvS57sHq0cyPQettiGVAbDqc7w3reGqnBy3ULDHwVMyYgSiET7yYaVzJPD2GvjZSSlJDBHeUa_24qnEPLyF0sBwRurycNR9OLbQK5X1zu_muRiLLWhsYXWOxPgMhYGiUawe9AAGoNTvy-K0FAo1wsYKI4sEOqKzspLDP7WT_5o8Az8T0XxbaBnZ07eM0_p5kl9bQEiVeCHNve2ZUFJplFVDHLlfakF_gRxF2utCZwANMHQ5UHhChRthkTlVHE9GYtrKaK-i1NplyZqJ3tbWBccbKgoOIF79x4cHv93XqJRc2Mgat2IQzmPXH_3k7HhgiZCLSb7XoqqjBpIjQyBDl6dw47xrHE5z4MrhdevFde0bxLHS9Zf4kCJwtXJ6E7jCMknoAQ4JwFJ__kqDor73tMKQufw1bg7YJGErgdgDB9xZ-xMDUhfxxmpRNvGKSxQdMVTpgJU9gEu-16MeaiXenumY1KUeFoUJG0vnqZ_ehX1CgoyOWd46wA_e8_oBfKZSWanSeSJSw3UtxuCOLW0mXPYB8nqKRog4rA-4YV85qe69fn41t33mtKizpaGzh5p5caLfOHAHPwcOjd_RfKzeYbsygX8emrzV_CrBL78ThFmGXEm7OqqGiAXHXA377uglOa3NN57JDsYzXSUwms2Lm3DwwbLxeHvNa492YB5QEPku9-VHg4JxGnYt4iHfTsPNhFTyHDx3oyd4pveeREsPJ1h8xTQlGSUckRic43WHuuTV_9--aq6E05Jul-8h75wzKrvL-rR2g8NPu5jCRKzgRvVucOA12BAQKHrg5ny5k6jLKktDrT_bkws4I4q5dI-vl1mxVQuTZ0JOMF9vBBrWIFrpgAudzWLi6dxrygs_IjuP2f21l2LGxTQZo2T41c4JpEEMQh-P7_qhYzC-AgMwpmRZ797EdeahDXrQ3b55duUZavf35tnA9UQgC3yxYmvaRjEDh85BCvaw5mSIZYO_wCed1r1ylht7_Ed3SxG5oogrQHQMnTQ22MXuPigt6vV6RPD3Ye_yTGLQgMNRgIk3mL5HcH9WnDwNcJuosOue_NPp9UyIBUBby-TxHvPbyLatJeu5K8v-Y_KhUDdLJrr24JOElNz0vVG_0G1uoHYJtDcv6WDRQfMvhs5wTFgUccz0rDLaFjeW6akeZWnChoAI4SGNswdUlPvLeOyPUWsm_9O2OUZ44US8jUjigTUhYiBpxLGtAV5W-nzHKGX3k3kq3DmDp1yHVzrDknepN3Erv7Q09wT06di6sMSM1Vxau17me4MUJYJC92F8sfDArujwOrK-AOmjkz60BtewcDsF2GwSPNej6IfqnMlgcBcJG96zZLo8PQSEmUj5WMbEKFuHkbvRv99h3TtFaWssRKrlA98Yq7IAZ7l3SDpF0lB9REvUJhT7D-M4eBt8YwnzLs0ThVYzcle-GUu4VP2QqUXH1xUb6Gizma39tVUGiBake82NRiDpExMXILbkUdYFACPXWw8rGJyeaj5azaEyIGCMn91QCArJUs983hyfkrfw3c7xbeMzKDCLGqtmtfC-aLbzCm63mLqoqLgGKmEmMlT-88XeTSH06rYbtnTntJwnQHANC2UHyAA9WFDj71jVu_vNBVu6NEtsXC6DSuZYfrkmA3KmdT5oUOFX3PG-3Z5u83K_KV6aXpD-zoV8VwqFRbxnRY-M4so9Iw_Po4zys6W8G_vKHTtPzIZRfIywRjzEM5FlD-SpptDRkPCW8IQe_6u6cFjuVOrtR240rjxL-FFKvqCStfkVskeqqA77tJF8i_AbLf7R3HuMikCKYbzk-AO_XzxlGjLQiAQbVPrHXf9Gug1AioV_cGrFZ2qUOqA2KOxIFX-rN338OjbfxHoyM2jyDLVWciPR8vpQLMtnfh-oU4KqD7Jhey0YQk29C7ItDVGgIrVVjn5fuxEF8wsA6hglF_D2OMe5mVO5LCXzl1tfj06a9nmQIR-NM9ENFbSG67t8mTXlNxSY0wgiKH9ZYf8eP56CbfeRSpbePQg0m_NTut_HsspKaA9JsaWvzDg58PzNtAUo306NpVrNrBq19NG-PiUTR6U-VgKlWKM9jC_ud1IDZ8_3prL1d1hrOolyJZyyIhRlxZOJDsmJKHG6gRXpW_A2paWjcBIRvBAeBtIvueOPLoKtABoyoY84K_3jZtp2qMC5qDO2A7dUKa3Sho-y48U6SvM2ZzMnLyNhEYqHIuosbdkh_JNvmWtZ6i_EziPmVbBSgwnM8MmJ4Asi7uqVUVQQ30jb9yXSCmq1SUrKjlXyo1tZfQsxSO2XYGE_TgBSjjsnzgy__FDQUr8Xllq5suX_KTdWbJLBHzS6LB-oZWHL6xqkpd8kYHOzQJuYdmfCKYNSsx14sU6gLPJsZQ_2FIOXLl7goPtCnsmbhNYtP7mV1cNVoOycPwi_JXiGRwnsxD1pc0Po19VNG6DoZ0Fn7itHRs4mM4vgybjitKqIEhtHL2hPSQ03quubErQoOgCdvZWL_dmB9rjzYfviLh9E_Wa9o4M-rTvGDcGGRUwKRdo8jmbwg7vf-cXXk8NAoxFcCwTGGb-5EiyBOh6ch0LRI2PZZnoUsRMoKjk8qcLL2YYlo9IRUTdNWhQjL-J_VbPcaU6x4kdkAXV4cNVoO8G4uWEwxn0bznVbB4trlS6aWQy7OQxumdCG7k9KpmJz6SpbaU55zUc69Akt4QJtGk2YnJUKqOFJAlSf2UV6Jh4KAfa88cxJ-I_pno-OWy_zw2Q7EHs0wiAww14XqPbLxqbHvXI0VGcts5VMrQKQziKB-TC47PgW0B2gMhqV8tY_SkURwcF1u_PKwTMkHZUp8AYnVBLjGJm17WoEW1qBCI3lp9TFev67XRrm1F32zb5oGK41zoTPAd7EJLadc0B2y1fFmXXftnNBzbeg51mxbIx49-eJarDD7qCM0-8uA-YEpcE1VcXfCAENMl6ZYb2ItYYDn0KE8DcUfRY1JVsWQjU_s4EbzrZ0RbrIlx4kINu2YMfGhokpP4bL9kNbQelMG5nB36ciLZ8iIGQ4a5RlUoVZTgDQslnovCQwTjk7J_RgrKIOznDdZJmWoEp7qbcvlJ_mOxwXJ4b&cid=CAASJORo4cTYu7rckA_S9drZZlCOkwRboxU4A_GWgE8erU5ZYJf7Bw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:30:57 GMT
container.html
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 97E6
6 KB
3 KB
Document
General
Full URL
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:26 GMT
expires
Wed, 05 Jul 2023 02:39:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FE71
186 KB
48 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Jul 2022 02:39:28 GMT
index.js
s0.2mdn.net/sadbundle/9268526312242492323/970x250/ Frame FE71
46 KB
5 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efe8f232291b3ef2a18f647e542c85123f12ea046bf8e0ceeee518cc00f47218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5005
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:54 GMT
count.ashx
run.admost.com/adx/ Frame FE71
48 B
48 B
Image
General
Full URL
https://run.admost.com/adx/count.ashx?pbk=487771-341371-62268
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-54.cdn77.com
Software
BunnyCDN-AMS-883 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cdn-edgestorageid
883
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cdn-cachedat
07/05/2022 02:39:29
cdn-pullzone
381479
content-length
48
server
BunnyCDN-AMS-883
pragma
no-cache
cdn-proxyver
1.02
cdn-requestpullcode
200
content-type
text/html; charset=utf-8
cdn-cache
BYPASS
cdn-uid
79355934-3932-41c0-9817-733cc0c4d7a6
cache-control
public, max-age=0
cdn-requestid
2b8aba81876c274e56d8652c681042a2
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
view
googleads4.g.doubleclick.net/pcs/ Frame BB59
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7SSWYy-sFLUgKbqZQjR5cl6mMg3UtbysQ75Uxx1lMScT9u8N4T-3mYjWY_CinGTwIYofbvuRAeV64zrkMWhkFqfz5XP2zv4Vg78qI8qY9SVolrs1JmXGDUKMAqhksoHl96TrH0UrZWx1PXFQZHJBKLXARUL6QWhJFS52G369WOp1dCUSYpVGgGbeLs_AYUOPyxUyT2MbiBYcrXgtna_lKzDY3Nk5uud4tyZVkkQe37Y2d5lL8zVhUAIQYtaN9PJk-ewVPu_CXuiysRp5pgiBEPhcwe1XxyIREO0fpcxpJlT9AN6IClSEIsQkSZiDwC4xuYMKkXwcck7osRq7kEMb4pGs6puAtlV1C7WQYN2xr73B5agzC2y9ZpA2Nip-K5uDb9mEFOFuXOgLdmgqpBryEc4T8TvLhUj9tMx24urqbxaf9a72HU0AFnw_C2gQXGkRVN9phWL5Dd4omenUkXpNXUFPfU_32hfBWti29_Bz0VcMpHsKdYxhwzy9JGsBnZkvv_7FnDQTw106RH4sDkUXOcZTP6vZOgFG2wGWjQKfAyxq-Q-XjAYFJZY1uplw03BlpsdMeHqHbcyZjC2JnBhQynj2KPuXkVtIPCenGkewk1hoJcAYq7mTqmuFO5uCsFe9eDh5fG1kskhF4k0yA05vhL2Op2dyFXwkvqXWCkpmFc5cR-tZ0CWH4jUpZhUoyhB8vHYrfOvjwX5aYX1-1vKKwN51_XP8MkA4e5MjipadFoUQ0vgO3PPMhxYwW56l6eiPn5FXekjbTpo5gyjimE-yTrXXaGgMSay4CHYUFG3OWCjbIRuw0UqnjB6muqFt8V9HJisHgB-d75PyTulMW5Xnq5Q6Et9bDPl0dqaYaMGKdH8qSdYJ_3png4k7QlNHGV8hIq_Bujdtj353SThUqTixBuBqca_h6jXEXJshsM_7y4jARsIluGGXT7zU7BxNCkoGyg6tLWs2H004Uz_uXMAp4uQVXrWNXQmWgFmVNc8vzaHLX_DYLE8we-9PNaTwkydEZH1HY3_5deN4yiIeCusNWNSQRALVwGchGd3KqBhggtYhQ9JLROefEhcHqFntgo2qTrsVfYZpdeJnYUpvUwA_lQK7YZkla5bDoPk5pae-tsnvoUzFGee5_24zQIJUnHypc0PPmunFPEs3IDu2V9HuLNXzdmbT_CGydZrlQkT7Nd600kvrfjgWtVDxCkZF2D5EnxqMoqB6aeLeEvKGC6O65ozpikKkd0ISft-pLbx1B8kkJVpkGXP46ZQfn2V68iFDG8Tjko69mWPleMZFp5FS-gVRYs4GM&sai=AMfl-YQCGjn0Y4G0sssqLRNP3ZtNwT3UbmYx-r43RHmT-Nz9PCNfQBaaUGLNM2w_CUl7_wqdTX8WuMiLsjykue0Zmg1Tb720DUiJKwsYMU2Ih6OEHmIyBuvadZs4R-_IpUAv_9Bn3chyHpTNqTkGCRf9DAH2pvKSSpl7sr9V0Y-0JrqyUcb5a2L9UgQ6kZN1qXATJpzZJMeWdvJRf2i45FZ7ew&sig=Cg0ArKJSzL4j4f4Ppq9lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=738&vt=11&dtpt=431&dett=3&cstd=303&cisv=r20220629.62654&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 476A
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
53349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 11:50:19 GMT
expires
Tue, 04 Jul 2023 11:50:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3A4C
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8318addea8dc98b34232112ba1b5e29751cfeb8c8ac76b61570e2b7c840bef1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5592
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9352
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDlrHDeGNhXmL8ubdH_lesY&google_cver=1&google_push=ARnp8GCz5tG1Xab95RnYU6vpf5YGUrBAeznhu0lYY_xgyKb0s0AUZl6mQhMm9H_GN9iYv5nNmWbAMkK3g0ZCkW1VyuQ-p39xvpc
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxNjI2Mjk4NjMwNDgxNzQ3NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDlrHDeGNhXmL8ubdH_lesY&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDlrHDeGNhXmL8ubdH_lesY&google_cver=1
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDlrHDeGNhXmL8ubdH_lesY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9352
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBO1qa6h7Bxqn5WMycSXsvE&google_push=ARnp8GDAfEV5UzDgaI370b3TZ8ZweVcge8m7vNhxWaCboW8m9nqD9oM4tQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBO1qa6h7Bxqn5WMycSXsvE&google_push=ARnp8GDAfEV5UzDgaI370b3TZ8ZweVcge8m7vNhxWaCboW8m9nqD9oM4tQz_gP9l4rnUxWtohHf7pMIU7v9bjDCOXWqSrP3qnaIn
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1656988768.237329,VS0,VE80
x-served-by
cache-lcy19243-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBO1qa6h7Bxqn5WMycSXsvE&google_push=ARnp8GDAfEV5UzDgaI370b3TZ8ZweVcge8m7vNhxWaCboW8m9nqD9oM4tQz_gP9l4rnUxWtohHf7pMIU7v9bjDCOXWqSrP3qnaIn
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
match
um.wbtrk.net/doubleclick/user/ Frame 9352
0
0

pixel
cm.g.doubleclick.net/ Frame 9352
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOsI8qeUdPb0dLQAVi_De_8&google_cver=1&google_push=ARnp8GDYEpPBtqqYe_34-RHIP92yXcRnyy7DHXrjY-dxwUswb9vqYaQurUCiQJMmYRxXw7OJ9f9JzAK_XNYL5f2VxIoFOTx...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDYEpPBtqqYe_34-RHIP92yXcRnyy7DHXrjY-dxwUswb9vqYaQurUCiQJMmYRxXw7OJ9f9JzAK_XNYL5f2VxIoFOTxseSlx&google_hm=OTMzNjE2MDE4OTk4NjE5NzYx
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDYEpPBtqqYe_34-RHIP92yXcRnyy7DHXrjY-dxwUswb9vqYaQurUCiQJMmYRxXw7OJ9f9JzAK_XNYL5f2VxIoFOTxseSlx&google_hm=OTMzNjE2MDE4OTk4NjE5NzYx
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Jul 2022 02:39:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDYEpPBtqqYe_34-RHIP92yXcRnyy7DHXrjY-dxwUswb9vqYaQurUCiQJMmYRxXw7OJ9f9JzAK_XNYL5f2VxIoFOTxseSlx&google_hm=OTMzNjE2MDE4OTk4NjE5NzYx
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 9352
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sws9o6aUT3ivtiswqNX3rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sws9o6aUT3ivtiswqNX3rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBC1UsGmmJBHxYLe5NVf85tvFM6neWiT_617YDLdRMPUMIJMnMJX_mK8PjzPipz3ZkiqwHm-k1xODaACe0C-hhU-lyJnGM
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Sws9o6aUT3ivtiswqNX3rw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBC1UsGmmJBHxYLe5NVf85tvFM6neWiT_617YDLdRMPUMIJMnMJX_mK8PjzPipz3ZkiqwHm-k1xODaACe0C-hhU-lyJnGM
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame 9352
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBOkVo7SNGpW4T2hjOcuxFk&google_cver=1&google_push=ARnp8GDW2sjoD4ouZ_LbRmPqbRzN0GJEaugN4cHeJOXkPNB8GDHta23cvkqKcHfeFhFA256o1FkJBQJ0AyAqKUFSjjM7WYC5Cyc
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-length
0
v1
match.sharethrough.com/E4rooAtA/ Frame 9352
0
35 B
Image
General
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECHn6ZtVjiO9imNPZObjwiA&google_cver=1&google_push=ARnp8GDkVMuRQd43VD2M9bzJWFK-b248DKHeprF-R-HuzvXgGwVVb1ScSzzYZO1dHFVSKhhPga0RVCyR9aoBJYl2pUSoYxhJKK1DDg
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9352
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJizBWROznL5MHVw5E9mW3Yrt70xWqkO06_KOyRDghClUg1BCyn58-429GTubZxfG8k38QfQ
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1667
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-yAAX6TDYpa-EpbN7_UP34-6mAgAAAAAOAHgBAI&bg=!kJOlk9fNAAaLlKKnq5Q7ACkAdvg8WhevVQ2N5pA1q-PYf1swYMhqCl1VN6e73atnFaobRnzTZRFsiwIAAAE-UgAAAAJoAQcKAE3cGXK5cKOxhSnyQOc8pu-Im-O-XlwFKexBmvRYtHeZkB0Ghm9gtslOBPosKoOW82ohdFR5CfzA0UL5zdKtx9u6kIpPkqF01TptlVycupkC3OQetysnK9sl4jD55caFaQumB3O68fhWry1T4JJ7EoS1EJy8QHJpxiwArdVVdiwn6StfXkERsIPokw-yu6n0lsCx4Gu5nktX6FD4r5wHLqepBlX2jBhGeV_kGJBwq2WfK4UGRKWi3PXjqOiwUpmGpBH-9DcY6fpI3sRsamQOZNYfcqiDwDMLS0hnbVg4ROIiy0BqCvUcthDEeX39LkYlgIDThv6RM8fyg8jzdkFHHMvynVuqpgibve_ErWLiPpL-UYw1W4J228O0z4rwdA1hkJTuJRbtMoJtODuNmFaE5A6F8uudZdDQKEV999Im9ixspFUg4N2kceLio_vt5NU7_0QYi0QwjVhnrJvAQcO17g-AGBCEEPhCDl6JVmlqlM3Y2lRaD1c6NtvIyMsLnroL5b45sC1GASDT1J0OXhuatgcVt5ePf_oialbCUElkhaXVzQjhGdjxsqkDiF9NpqaS-snvwWlyqdYXMUpvUmM7D_cI5jG26CwhQD-aUVExziPyqPQyLSGrwfwcSh9422QVdVXIuJMt3U1GHLhEzYmKPltfpumGcvqhVhx2Y7uP067hdJ6zETB-D-lETtSXyLfb8BLC7a86oTccKkjeiJ4Zsc03DbgN2m-ldwnDUswsV_vqbQVGjnfjyHGFU7NnP2EA9WGra5Sv4b-B_Vo9tFArYw0Sk0jpWpxP865fU30hWD8pd_XBZ2rxK6MP4I1eHwnIToONYNHMPntmOOJbSu6J0N2PpCkrpn9vFC6TSV4n-AtZJH5SKuntHDYQzUAkWPvsSybkUFWxYJl5xL6Mf-z709svBtNnnwcfWQKOf9ARHHrfEw7PCb7XiJFu1wQqj3fg1hDdv--SkOHvU4xIH7FoXdvepat0vXpOK4JHZP0zF0h6roPhTTbDAF1e3fKX0EKhvOSo3tzLzvFKShvSkO3udhuIXCserF49m8kxFF2UPGRO4m_lHGUn6P4T5iUktQ
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/14714734884117237288/ Frame 4A97
17 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
855141b72447ad59625d3b45984ff3c1e829eb5a15bd5bc0da1f8f7263349a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
59889
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3503
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 10:01:19 GMT
expires
Tue, 04 Jul 2023 10:01:19 GMT
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7140
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRhfiZp0SfZSUzQ2KAc2GkWJii0kzoB1mq3aLeFKrXLHIplcPexA9qX9rvGDbG_11FhJ7xMotsbrHC8AfMNnHs3IObQbExokSaPxuy6SM_SoH25WhrtPECLp21oSezsUmSLKp6XW-uVDh3xCNqpSG1sjMBMrRuo85hfNtiSkD7tJJcUINo5mnLbcPpcdFG6XsIddgG_PEBGkcHKzBLj09rHRW5yd38yL0Ghh40Y9bmQFxMqQH4-kEZ2xjtplp2wpywMLXmVlsrf2mzudSv2T-0zOAqEO5GkVJn4E466Ans_WntoTevpHqEnu6N1Thr-LRhB_5WpyO9AwNLZ3vgmsZPWzRFm98Z6QJVRVDI3lueqkuFfqcPq2E1NHgNLGnDVlHbxmIQoxw38EtLLMRHe7TuvlKlAcd_t1lTxogU_OKsUERbjJlOzJ8eT9fGio9U6ocnHGHF4trIMj4bCZzTpQXYaNrOcKLXz0KU_7VtJwHiR9CyITQ0Z5FqmlbcPF0ijT2DqbPpeN-9EeNY-u9Wm1Rm8yncFGJMbFR7JbJDs5s5zmntq0sNhCfL5zbAW2bPoVl9HVowI_Cd9FCM4w6PvtgBnRaM3ROJsvQTdB8nC_rHwjPELAwK8u69l8gaLmfthpOyQeALIX2cC4HG18xeA7qN6R596h1GNIdlvunYBc8RsO2TrnhdaaT4-lTIRgwfHliTEeeTZOJqXZ1NcDV43q8G1-6RFSIn8dsJ-ZLSTUnvbio0tWmcW3vzWHZ8A5Zz-maPrQrq-fmEYS0cby7jDfB-mFChlAv0P0KZupbBX99IN8WGqXcOc-fgQNISqOX1OUXHkopEa3VlkfkGc4jJjH_hYhFGU9sL6YOXj4l8_O1JnXviFfhE431gWMoOywnrAtfWo7lIGLwsbGyg_oCRqXIKCe5wMQtHHEqCw6qVPd_BdIS1rd55yIJzzor5F2sLXkaiKZ61QwUqVHUqrB5s3Ds4h-5a6Bu0P0sIHT7wKFbek0qGRoxGVGa3prh_fzUUXe_6puVljw3piX7psQigYIf17SIkT4sMIZLkwPUIMH6R2nkkTCdliLKTQUXwyWe88a9VBIaNEMfP39fxZ0VqFJmtyMU3jzJzgV7U1k4Patqc5edfsZSDQbMtDp0dueb230nQdmJCXXtiYGuyVFOC1ldXEZqD2faX2GUZpM0K0p0KD2dsdPIYEJ17HITix0Gr1ZISUty-I3BB_ABqe0d_UIHqeHciwWwtTk2tCGoBZQEkzVi-0rWMX9kVMw9oIERDTTnNiiZXjinSm6VPzX2midvrL9iQ3FNGknhadmvDmxHZzNbu&sai=AMfl-YRowU-qZoFTcb1a5LFTcXU16BXk2YdFmkDuhgM12iAJuK2IL7U82Ubjz91rZMb68vTkJxPL1IYO7U89jWR73D6YGE_Rs0tJxaMpGJ79v7RnwZUzOlrQaUBISl3dzRXHqlUmzpsgULD604GRKgLFbkz-7ssRBml5HIAC69fcvyq_vbWHHT5ccsY4Jkg-noN6q7HELcr_bYdwu8nEpozX5hsF5qlJSsxg7fFd94U3sviU954&sig=Cg0ArKJSzEsWja1xCwgrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=124&cisv=r20220629.15032&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 05 Jul 2022 02:39:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame E961
356 B
240 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQzaudARiP0aTIATAB&v=APEucNXr82p9HD-rqPoyi6uiOj88A0gJwJXpR95cbSg8ICieNZxi7uQPsoArJ8cIRsRwg7DKSt3fmmG_yKcTBtv1Q3OVRyLAi_nH9lQ8BJw8jNRiApxj61I
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55f56026d86468db4135723445d1df3498809ce536fa7a518b2847d7e6a27a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
219
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 97E6
60 KB
30 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APQ2gQpsQ5Cgo5wLmxK0Pyv9WsI2pz1rPi8uGu2_VETx73FwTjwgJfsTdvY5Ndia7AjDb5h1kS3EqgP0y3VaDgAAVtL5hLGUlz58ORrWpD220mdIaKNkeErfBTU2GK--oKksIlkIKO4cHQc1tnJeaiib4lbw&dbm_d=AKAmf-AEaXYZMwSsDpOZaqzyamfn7mQmli3G38bPxMI3SK4TWrhbXp7RS90uAiKwSZj6I4Efytrm5dyYX1P6BhhKu2L8M9-ADeK570BV-_mJKTb5N9zc_cFTgVybdZLrIxaHdAFMD5HGSHH4ueOti7ZtyueT4-UZD6iqn3TKQgrxPz55UBReq2506ERLTHleV8Jz3Qa17MC3ddUGsbahlBw1AdxWLgt4Sw0vzMdduXIHoBu7m9h410zYc7Rsef95poWpRVwn-gflJixmrkjkZylyoKx8cIt3a9j_OCl96oEd-iS_B98pxKvhOlGXD1DhFYWcsXCqPmy5aAuLj96ATFDT0Q4hcXvJ419aTE7Aj_i8PoR-cfdfepFgoax7DgX3ZqZxCKaemjbl-nOqArS1gwAvxR4ceJVcxf4MUCavwP0hxCe6vePeQ9aIKEESMVFDruBbIlqpMVif6T7PuXFPJbdo63Ws9hokB3DIsnm9AvkyuCk3mf1fc0m9epsB7QZOSq4Z4USRHFDlBB8kIGLQe-bRaz_kliVqpuKphqsS6nmLkvd_lHfxwdGkFZVgcSpBT8BteJstQEfkDxkWsE0haSZg3aU1LEr5iEfM81q1JwPntG_IeBSe5o-t_u1KRL-TuxwGIqaD2qDSARXPtoc4e49tgwO2UYhLY9ujNtXcZ6-5C89XGPmYKDwleqYXy9pfE6mxs-aS1Vhy6Df1w_qg5AA4_X258IzmdzozFWGPeIYAKGIZLAMtm92iWn_daER0Zjc5RhG8LVcbUXYF2_H2whRGvEqFwLtK0riLvUyApvWqyr8tm7jPmFP87I3mi4TeuYPqdzgLObSN8vK6dtWSvjrPC13J8IA-0KOFbvYaMVJfn7yo2O9T82UFFgOGQ9nUAqNaBr7A9wIndOzx9C5NXhpnySKQLbTDlYSG9YL0KHfFeMzEoE7vAWgL4_1YDilQNIimUlb7pKudV0cpweT7B9WVQW9HjNHH_HOdYS5HUW2RtWpXEsFnh2Il3G5EoXj8UHIrzAWwvw8N3EIvPv2YtKtEVomsr2PHfGI_FpHq57GGIpdUvbwvUbmQ9PTK458btV6cTj44PwRGgVVcYpzZmmHO53BzAHUoD-ZzN0z6-5zT95dovDIuXYrXIBr6hsKFQo1cfxjR3okxZSpee_RCNT8Z-oB4XFHYY-Fd-nuWp-JTIi7PiNovLIhWlW7-zCKcpdx6-kgJ3kEM4GeNRdmccg9j25UPDhYfCle9yHsNzB9Bdh1hiiaTXragmsk-IOdTq-pAU4T3SVROAFbrzLzRnh-dc3mzAunWhCl-Fol2FoWAlaflGVogbBKxzV7zWmGZvR9gqHBguEFUZD2PY1iEjSMK1WLQzNzoDN18CQZI1-nQGUB4LQ1BxbbhlTWPNrM5vkDRe2zfDIm5Vz6trDy0UvW3WEqJRqzDlci5jLtxPORIUAFYBmo2Zstu-J3ZEfc-2HwB8SalB7f-envzXDxq9fzzmkKp-7hoorOMVfRFKNuKak8wEbo76jLqcG2VqURRIm30DqSKWl8RDaEjT_3uSYVyqNgu6xmQVnqZ_fdbsx9c51E9kbFQ2rv2ULO1YV4eDBNkMP6sumOn8f7RuL6TMhiRBOl6xDF7o-vdvNvjB_S9UHgCiJQRfgiYspJDOZHm2t7SenUhcF_KyzYa8GdBNxSpcw0OVbuakpTQ1Y1bQbYbgfQyucP92pkiWWD4YS-eDOixdj9W6fUNXeagoS83wiGkjnEZOlj9cP6IRBaHcXh4ll3HP-t9M1QHOLkTLs1MpqiE87P8_4CBsK05Q8PpSzZ0mHUlFjp3qYe_Zma5HziHQkC61-iSPI6s3gbRy3QcNRfSpfVwQggmj06q6oIHCbu95BIqmcZsYs_ipTwbZrxxXbpbflfTuxa8reVZEiOICGcwyQfTo8KX7zf8JQYGALKj0RnWzMmzVho3nkkgnhI1K0eObvCIK3GSWCynu_9yjC1uaHQYwl54OEMPOglBSVARUnhKy8MksevsFUUIcW_E1wvGE-pYOGJG9RPpx1fEfrT21pzxCgDRxf-PeSKXFp9c8k6iMnDNaWPCfIyzUb-hVWKFzR7CTr4RfNRc7JkJRVowW8wB7RV0Knm-CX8xdaAQuxmLBjTlegFxeV9habs3gI-vZXJb7caFT_MfgPsKeO9xaSrmurffo2PA3-y9cw7f2ORFIRZk-HBjrPuC_dG5n_Ap4Iptuh1vkn1hATRl4IzoiUivY-DdY2nngXTWi0b0suofll1k0-Cv9jrfltUj35iRIThrrH5Fbx9HHGALvEiWzwPEKSR1wIjIgIqCAOqjKOcsr61T2mMGgLvYhvAGyFuloqDy31f9dYlK2t01p5KVEINJ83Q2fHOhh8kKFgfIv6w-V-3Oql9geVHrn_zq69rCNNho8aDgbR0-4nDBEcHaTVc9XR6r4IqkXxidLyoPZLs_yr-mWsaoMFxlqOjmia_AfDJvMWtwWH13OQ0NJQqhqxond976m2UOtIawBrZKyDZk8tIWHv0hUzLNyXSwMLUHa2a4vy-p5AkAvkK8M3thr3r52sFERzyorV6KrVrU7dkjff_aNZq3GaFtC0o_khV7OyGAaK5xcDZOQDBypsd6Vk80zBvM1qbgTckrjh9-0Nk9M65aqjr9G5JPsUuaGAH7AiHJTWyGaaymAMwPdxDls-9SVu61AbkL5sd5j1f4kA7i2Td77bLxXjznGJ21uwhvokXp0EN5RPo5pP6NvlHCoZzBmLbZ2kB9ogbWNEkMr1UPluXAZnRfHcBv9WePHydGwMau2cDvXXvv6ECkyQSkNtcn68APOUDBriw562IZub93H9ENidSVb7_SRVU9M8QGFjTwH29I3FDoQB_TxAZYFAY4PzJf88gYcqbSV_caaDKuLM2K1F0JMHMGHBVYc4zYaralTuqtzkhuuvowaq-fig4A3Ka9aDCUXtibhh8T7yx8KpmUvZaiEvQi4KFbE6pDIsBnieJTNwMyVfDlYdrbNOqi0Uj6gELzgJzoImfaDmn4jZkgmS2W0XjZD5oKfpMXStxwhGOznN8Xjs_oXNeSjk47Ct91HHf1IhqmhO4FLNj8GUrN9y7-JmKsjLf1jyZJfdh4oySleaHIM0IpqKjjqi930QGj84omhI9OVnbMuqaE-bUnHJdRiownBgVggIabFTN5hi14v7UM2AKRCd-4LfvVNRGXRIRVAMPASbY0KQOHSYSrLKQ7XK_aPV6VbLUHTlmhbMoIY9ezzIv0h9VQvCSR_4xZI6wB2DsGHBkIanRlMLLkgmz24p_Ci6SwQyRvsZU1rYixGe3s87eJMOhM5_e3HfdIXOI9osNPei3uaYnGU8bKKwe2O7u2BZsadZ5lyRFKJeuULqRGj2Ug7lB1E7_zzWK5-X49kZeOWTtwojU6tSUlmanIYEU9Gir9H6NqfgTsGacnp11I3PxQ7qD6z6proa_LzeUgcGwpTCL2qWAevwoN9FnS2XE4E6GFomByrjEt4nf7jncDy8zXUogiNWztX23GtZeade9Us-d20RZntDVmKiOzvawY2y6xdVyrwZK5xkpH7B4DOhMsPNRM6suv5CZS78migLVd5m4qY3AsJrm8FYQ-b15Ar0URNpCGH9nqodQZOoqSinbtSgeS1Z1vKtWy9rBQylo0wtOtHprw0iMRDs5prEvxDI6ubYsQFPc5VMwWFHBxHDSfdeZEpCo_02aIGCjFOpNT2oJRufGdmXeJSyk24RhtismXVFHmTO9yu5U&cid=CAASJORoiJirsb36gl4zZNupPMKFuuqUrCbi_n8E-oKki0njs9UrAw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91d7a8383414f65a849e087a7abcdd6c922159112e83e50f58365ffa6d360014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30658
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97E6
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5YuZsfCPhF6XGKCcKMKFJF-BgyqOY46pOqlXokRrQsVUInMIiUp1MWaT0__qF5hYxoqFgO0d2NDZC5-W3Db-QR-UJ6LSt2fStF5fKofVlIxlcwvI
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 97E6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 97E6
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 97E6
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 01:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 01:51:44 GMT
l
www.google.com/ads/measurement/ Frame 97E6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxezWOUkv9eo9Df4ieJKpc7CULlBXNYOUg6odfODJY4OO2WCh5EFWgXfIkhu-82ymmfZOBzqnNhaO16smL6Ydt_PjI9A
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7140
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 11:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 11:50:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A5F5
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
47596
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7140
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
004dfef0578a10ad4309cdf6431d4b74e904f11b5836f3920d9afb8e449c4b39

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3A4C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:28 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/
967 KB
967 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
aca4b5ab1c4916c0e2a1a42b600a4192a2f2b46c816af60ad14b0b39d7f3e986

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=1727720-2717915

Response headers

Date
Tue, 05 Jul 2022 02:39:28 GMT
Last-Modified
Fri, 26 Nov 2021 05:10:16 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"61a06c38-1cb3c944"
Content-Type
video/mp2t
Content-Range
bytes 1727720-2717915/481544516
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
990196
Expires
Wed, 05 Jul 2023 02:39:28 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 05 Jul 2022 02:39:28 GMT
Expires
Wed, 05 Jul 2023 02:39:28 GMT
Server
nginx/1.16.1
160x600_generic.jpg_1653073446511_160x600_generic.jpg
s0.2mdn.net/dynamic/2/10799398/dynamicad.ch/swiss_complete/composite/gb/lcy/pro/images/ Frame 3A4C
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/dynamic/2/10799398/dynamicad.ch/swiss_complete/composite/gb/lcy/pro/images/160x600_generic.jpg_1653073446511_160x600_generic.jpg
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14768fcdee89f4f1239f1f013a3fed89394d7d17c99c191ab6271efa380ee40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10468941064440532424/index.html?e=69&leftOffset=0&topOffset=0&c=5e5TppNCCg&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 15:58:37 GMT
x-content-type-options
nosniff
age
124851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4116
x-xss-protection
0
last-modified
Fri, 20 May 2022 19:05:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 15:58:37 GMT
csi
csi.gstatic.com/ Frame 013C
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l57kbuti&c=1085221559156&slotId=542610779578&qqid=CMP_j5fc4PgCFWeH_QcdPDwE7g&gqid=X6TDYuSOJImC9u8PsYSqGA&fb=ima_html5-lima&sdkv=h.3.520.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&ghmsh_eids=44754420%2C44760950%2C44761692%2C44762904&wta=1&vmfc=18&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c0f::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 013C
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmYUeX6TDYoPUJeeO9u8PvPiQ8A6k0e-UavS_4IDBDc_7kOPXAhABIOXxnH5gu76ug9AKoAHIx7XyAsgBBagDAcgDE5gEAKoEugJP0EJGXk0UkrsqEbOsLUrcOofDR1cut9iwwBxQxrf-N7QGotYP5LGIOJmMzAqqchPc3Hn6GVBYoWR01Pep1jQ1vkuPB_Gs0SefyiLEn-DToMuJc1np2RyUJrddYaIQ5z_FMZ_QT61qxfu1vvYtkRmi3sBfPSIWcH-jMZ8WJR_aO7tHpZx_fECO0sgpmsf9KcunNEvJWAVXWzZ0QoZuut0-MdvGgG5q6aT92rCjlriD8JYDO3oAq3QEtrJNJmMWbCNSKp2IcXW9-BdmHrNyLONtaXslIg4fmmFqep-lv5Up8wRPdBZ0BsgKDrquVZlOR8HTbxI6EVEA6_yQxuAPBEL5J-zlMx-Hy9Wfr6PDTMpP0wbEhoR0-d7OkjGPciza7JPZ5Pcd5L2gpOnVBbMZiSo8Yg27v1l6zyHbNMAEsdT7kLwD4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE5GLwwrQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=gtEwlar98PU&label=show_ad&sdkv=h.3.520.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0OTIxMTU2NzAzODNAtAIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODcwMDM5OTIyCTE0NDczNjUzOEDdAVIzCPkGEBIlAACIQSgBOgsxNDQ3MzY1MzgtMUIER0RDTVAAWhBDSkVHblpaNTBVdzZnc1RCGAE.
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 013C
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CPvgEX6TDYoPUJeeO9u8PvPiQ8A6k0e-UavS_4IDBDc_7kOPXAhABIOXxnH5gu76ug9AKoAHIx7XyAsgBBagDAZgEAKoEtwJP0EJGXk0UkrsqEbOsLUrcOofDR1cut9iwwBxQxrf-N7QGotYP5LGIOJmMzAqqchPc3Hn6GVBYoWR01Pep1jQ1vkuPB_Gs0SefyiLEn-DToMuJc1np2RyUJrddYaIQ5z_FMZ_QT61qxfu1vvYtkRmi3sBfPSIWcH-jMZ8WJR_aO7tHpZx_fECO0sgpmsf9KcunNEvJWAVXWzZ0QoZuut0-MdvGgG5q6aT92rCjlriD8JYDO3oAq3QEtrJNJmMWbCNSKp2IcXW9-BdmHrNyLONtaXslIg4fmmFqep-lv5Up8wRPdBZ0BsgKDrquVZlOR8HTbxI6EVEA6_yQxuBXBaj9L55rAY00Vzf2EkHh8jImZv6HeztaA0mMjjszeAXCFjw5jULHd6yOvDk1op3jFNQqThUKFqMTcsAEsdT7kLwD4AQDiAXG3L2KLZIFBggDEAEYAZIFBggbEAEYAZIFCggiEAMYA0iLg2GSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB6C4yo0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwsQpP37Bximj6qbAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tMTg0NzkzNDY3NjM5MDA4N4AKA8gLAbATkYvDCsgTrLTMCNATANgTDIgUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yNDAzMDE4MjI2NDA0MjEzGIy1dw&sigh=3Vl8IFW9GjQ&cmd=Ch1jYS12aWRlby1wdWItMjQwMzAxODIyNjQwNDIxMxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&cid=CAQSOwCNIrLMOQQGnJ9CaDudDEXqCwc57qsDe8QEntRWsWJpsHcps9WJtyyqShTdEE9wijlxSC3kTAGNraDC&vt=10&sdkv=h.3.520.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0OTIxMTU2NzAzODNAtAIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODcwMDM5OTIyCTE0NDczNjUzOEDdAVIzCPkGEBIlAACIQSgBOgsxNDQ3MzY1MzgtMUIER0RDTVAAWhBDSkVHblpaNTBVdzZnc1RCGAE.
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

102370.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
144 B
168 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/102370.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6babea0ece2c83d3f48544adedeb793677c6ea20343cd6971b608bc8cab571f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59886
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:22 GMT
12827.jpg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
9 KB
9 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/12827.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5dcf4aad520bb2b3a08a85bdeff452b1550ccd9bd297c578607019f895b38ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:00:18 GMT
x-content-type-options
nosniff
age
59950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8896
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:00:18 GMT
I12827348103.png
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
329 KB
329 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348103.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a3d696dffca48ce8b54b1750ba72045e9f1f6221a634356409491c66d6943a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:00:20 GMT
x-content-type-options
nosniff
age
59948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
336446
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:00:20 GMT
I12827469767.png
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
182 KB
182 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827469767.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bae5fdebbf3eb7ff15fdf90b283afc0b345d3cd37df9fa0e3e0e3166de34180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:00:20 GMT
x-content-type-options
nosniff
age
59948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
186453
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:00:20 GMT
I12827349206.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
171 B
197 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827349206.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6266084a52a1a323e230f023c52a34dec272620f00f2468ace6ef10a090948a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
I12827348105.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
25 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348105.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbc09799090373dabd4bdd3cfb8470dae9424795d12d6936eabbc23039a7328b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4731
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
I12827348106.png
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
28 KB
28 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348106.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b9d866b7fa495bfba4c09b8a73dd7b0253c04d739a810bc557fb6b3d051ed2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:00:20 GMT
x-content-type-options
nosniff
age
59948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28738
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:00:20 GMT
I12827348108.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
6 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348108.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c473141dc73a49904c72500d32938b78834be5772b6dc7ac5a65f48bcc809f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1677
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
I12827348109.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
8 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348109.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78471dab945b59d358db49aaa00518f843820e961dd291e7d3ce7127265134e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2345
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
I12827348110.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348110.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36eb0e0d0a38e5fb99dbf3b081d4b9ea8aa5822b846047c6dc524fa014788418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1198
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
I12827348113.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348113.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67f26bc9668b3122c7e7c8c75e3748597ab4a9623036eaf3a8b60e53afef276a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1693
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
I134613022.jpg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
86 KB
86 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I134613022.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b7451606fdcda3eb923c2e26b7f46f2ae959ea6b035204660d1c7714cad9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:00:27 GMT
x-content-type-options
nosniff
age
59941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88418
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:00:27 GMT
I134613023.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I134613023.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c2e38fc1eb07a52ed9511df418fa514b7ebf4c6a426dbd8a661472572e1d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1854
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
I13461302139.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 4A97
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I13461302139.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5d91e83633543543de8c95bfd761fecca7d2d05dcdf7eef526e75a8139a93b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1265
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 10:01:23 GMT
csi
csi.gstatic.com/
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l57kbu5a&c=1085221559156&slotId=542610779578&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c0f::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E961
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1xRVJ6LnBWRTJ1SGpWVlQ5OXFfOFg2M1Fsa2Y0ZjRKM35B&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1xRVJ6LnBWRTJ1SGpWVlQ5OXFfOFg2M1Fsa2Y0ZjRKM35B&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQzaudARiP0aTIATAB&v=APEucNXr82p9HD-rqPoyi6uiOj88A0gJwJXpR95cbSg8ICieNZxi7uQPsoArJ8cIRsRwg7DKSt3fmmG_yKcTBtv1Q3OVRyLAi_nH9lQ8BJw8jNRiApxj61I
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1xRVJ6LnBWRTJ1SGpWVlQ5OXFfOFg2M1Fsa2Y0ZjRKM35B&gdpr=0&gdpr_consent=
date
Tue, 05 Jul 2022 02:39:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame E961
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELrGLHOpWGZzQv8UeN_Ms7o&google_cver=1&gdpr=0
43 B
719 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELrGLHOpWGZzQv8UeN_Ms7o&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQzaudARiP0aTIATAB&v=APEucNXr82p9HD-rqPoyi6uiOj88A0gJwJXpR95cbSg8ICieNZxi7uQPsoArJ8cIRsRwg7DKSt3fmmG_yKcTBtv1Q3OVRyLAi_nH9lQ8BJw8jNRiApxj61I
Protocol
HTTP/1.1
Server
23.35.229.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1656988767658077-430
Expires
Tue, 05 Jul 2022 02:39:28 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESELrGLHOpWGZzQv8UeN_Ms7o&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E961
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YWVmYTM4YjUxMTU2ZjJkY2M3MmUwMWI3Yzc2ZGJkNA==&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YWVmYTM4YjUxMTU2ZjJkY2M3MmUwMWI3Yzc2ZGJkNA==&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQzaudARiP0aTIATAB&v=APEucNXr82p9HD-rqPoyi6uiOj88A0gJwJXpR95cbSg8ICieNZxi7uQPsoArJ8cIRsRwg7DKSt3fmmG_yKcTBtv1Q3OVRyLAi_nH9lQ8BJw8jNRiApxj61I
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YWVmYTM4YjUxMTU2ZjJkY2M3MmUwMWI3Yzc2ZGJkNA==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1656988767886061-384
Expires
Tue, 05 Jul 2022 02:39:28 GMT
48
r5---sn-aigl6n7z.c.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign...
  • https://r5---sn-aigl6n7z.c.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/acao,ctier,expire,id,ip,ipbits,it...
2 MB
0
Media
General
Full URL
https://r5---sn-aigl6n7z.c.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4AF68655622CFBD6EE71DC7E0F59F5518E6F0D9D.28DD7AF2FD1ED1BDAA0F05A62BA328F7A3C95ACC/key/cms1/cms_redirect/yes/mh/RR/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigl6n7z/ms/onc/mt/1656987561/mv/u/mvi/5/pl/48?cpn=CJEGnZZ50Uw6gsTB&file=file.webm
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:401f:3::b , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 16 Jan 2021 21:40:54 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Content-Range
bytes 0-2417520/2417521
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2417521
Expires
Tue, 05 Jul 2022 02:39:28 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-aigl6n7z.c.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4AF68655622CFBD6EE71DC7E0F59F5518E6F0D9D.28DD7AF2FD1ED1BDAA0F05A62BA328F7A3C95ACC/key/cms1/cms_redirect/yes/mh/RR/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigl6n7z/ms/onc/mt/1656987561/mv/u/mvi/5/pl/48?cpn=CJEGnZZ50Uw6gsTB&file=file.webm
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
676
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 988E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
53349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 11:50:19 GMT
expires
Tue, 04 Jul 2023 11:50:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 97E6
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APQ2gQpsQ5Cgo5wLmxK0Pyv9WsI2pz1rPi8uGu2_VETx73FwTjwgJfsTdvY5Ndia7AjDb5h1kS3EqgP0y3VaDgAAVtL5hLGUlz58ORrWpD220mdIaKNkeErfBTU2GK--oKksIlkIKO4cHQc1tnJeaiib4lbw&dbm_d=AKAmf-AEaXYZMwSsDpOZaqzyamfn7mQmli3G38bPxMI3SK4TWrhbXp7RS90uAiKwSZj6I4Efytrm5dyYX1P6BhhKu2L8M9-ADeK570BV-_mJKTb5N9zc_cFTgVybdZLrIxaHdAFMD5HGSHH4ueOti7ZtyueT4-UZD6iqn3TKQgrxPz55UBReq2506ERLTHleV8Jz3Qa17MC3ddUGsbahlBw1AdxWLgt4Sw0vzMdduXIHoBu7m9h410zYc7Rsef95poWpRVwn-gflJixmrkjkZylyoKx8cIt3a9j_OCl96oEd-iS_B98pxKvhOlGXD1DhFYWcsXCqPmy5aAuLj96ATFDT0Q4hcXvJ419aTE7Aj_i8PoR-cfdfepFgoax7DgX3ZqZxCKaemjbl-nOqArS1gwAvxR4ceJVcxf4MUCavwP0hxCe6vePeQ9aIKEESMVFDruBbIlqpMVif6T7PuXFPJbdo63Ws9hokB3DIsnm9AvkyuCk3mf1fc0m9epsB7QZOSq4Z4USRHFDlBB8kIGLQe-bRaz_kliVqpuKphqsS6nmLkvd_lHfxwdGkFZVgcSpBT8BteJstQEfkDxkWsE0haSZg3aU1LEr5iEfM81q1JwPntG_IeBSe5o-t_u1KRL-TuxwGIqaD2qDSARXPtoc4e49tgwO2UYhLY9ujNtXcZ6-5C89XGPmYKDwleqYXy9pfE6mxs-aS1Vhy6Df1w_qg5AA4_X258IzmdzozFWGPeIYAKGIZLAMtm92iWn_daER0Zjc5RhG8LVcbUXYF2_H2whRGvEqFwLtK0riLvUyApvWqyr8tm7jPmFP87I3mi4TeuYPqdzgLObSN8vK6dtWSvjrPC13J8IA-0KOFbvYaMVJfn7yo2O9T82UFFgOGQ9nUAqNaBr7A9wIndOzx9C5NXhpnySKQLbTDlYSG9YL0KHfFeMzEoE7vAWgL4_1YDilQNIimUlb7pKudV0cpweT7B9WVQW9HjNHH_HOdYS5HUW2RtWpXEsFnh2Il3G5EoXj8UHIrzAWwvw8N3EIvPv2YtKtEVomsr2PHfGI_FpHq57GGIpdUvbwvUbmQ9PTK458btV6cTj44PwRGgVVcYpzZmmHO53BzAHUoD-ZzN0z6-5zT95dovDIuXYrXIBr6hsKFQo1cfxjR3okxZSpee_RCNT8Z-oB4XFHYY-Fd-nuWp-JTIi7PiNovLIhWlW7-zCKcpdx6-kgJ3kEM4GeNRdmccg9j25UPDhYfCle9yHsNzB9Bdh1hiiaTXragmsk-IOdTq-pAU4T3SVROAFbrzLzRnh-dc3mzAunWhCl-Fol2FoWAlaflGVogbBKxzV7zWmGZvR9gqHBguEFUZD2PY1iEjSMK1WLQzNzoDN18CQZI1-nQGUB4LQ1BxbbhlTWPNrM5vkDRe2zfDIm5Vz6trDy0UvW3WEqJRqzDlci5jLtxPORIUAFYBmo2Zstu-J3ZEfc-2HwB8SalB7f-envzXDxq9fzzmkKp-7hoorOMVfRFKNuKak8wEbo76jLqcG2VqURRIm30DqSKWl8RDaEjT_3uSYVyqNgu6xmQVnqZ_fdbsx9c51E9kbFQ2rv2ULO1YV4eDBNkMP6sumOn8f7RuL6TMhiRBOl6xDF7o-vdvNvjB_S9UHgCiJQRfgiYspJDOZHm2t7SenUhcF_KyzYa8GdBNxSpcw0OVbuakpTQ1Y1bQbYbgfQyucP92pkiWWD4YS-eDOixdj9W6fUNXeagoS83wiGkjnEZOlj9cP6IRBaHcXh4ll3HP-t9M1QHOLkTLs1MpqiE87P8_4CBsK05Q8PpSzZ0mHUlFjp3qYe_Zma5HziHQkC61-iSPI6s3gbRy3QcNRfSpfVwQggmj06q6oIHCbu95BIqmcZsYs_ipTwbZrxxXbpbflfTuxa8reVZEiOICGcwyQfTo8KX7zf8JQYGALKj0RnWzMmzVho3nkkgnhI1K0eObvCIK3GSWCynu_9yjC1uaHQYwl54OEMPOglBSVARUnhKy8MksevsFUUIcW_E1wvGE-pYOGJG9RPpx1fEfrT21pzxCgDRxf-PeSKXFp9c8k6iMnDNaWPCfIyzUb-hVWKFzR7CTr4RfNRc7JkJRVowW8wB7RV0Knm-CX8xdaAQuxmLBjTlegFxeV9habs3gI-vZXJb7caFT_MfgPsKeO9xaSrmurffo2PA3-y9cw7f2ORFIRZk-HBjrPuC_dG5n_Ap4Iptuh1vkn1hATRl4IzoiUivY-DdY2nngXTWi0b0suofll1k0-Cv9jrfltUj35iRIThrrH5Fbx9HHGALvEiWzwPEKSR1wIjIgIqCAOqjKOcsr61T2mMGgLvYhvAGyFuloqDy31f9dYlK2t01p5KVEINJ83Q2fHOhh8kKFgfIv6w-V-3Oql9geVHrn_zq69rCNNho8aDgbR0-4nDBEcHaTVc9XR6r4IqkXxidLyoPZLs_yr-mWsaoMFxlqOjmia_AfDJvMWtwWH13OQ0NJQqhqxond976m2UOtIawBrZKyDZk8tIWHv0hUzLNyXSwMLUHa2a4vy-p5AkAvkK8M3thr3r52sFERzyorV6KrVrU7dkjff_aNZq3GaFtC0o_khV7OyGAaK5xcDZOQDBypsd6Vk80zBvM1qbgTckrjh9-0Nk9M65aqjr9G5JPsUuaGAH7AiHJTWyGaaymAMwPdxDls-9SVu61AbkL5sd5j1f4kA7i2Td77bLxXjznGJ21uwhvokXp0EN5RPo5pP6NvlHCoZzBmLbZ2kB9ogbWNEkMr1UPluXAZnRfHcBv9WePHydGwMau2cDvXXvv6ECkyQSkNtcn68APOUDBriw562IZub93H9ENidSVb7_SRVU9M8QGFjTwH29I3FDoQB_TxAZYFAY4PzJf88gYcqbSV_caaDKuLM2K1F0JMHMGHBVYc4zYaralTuqtzkhuuvowaq-fig4A3Ka9aDCUXtibhh8T7yx8KpmUvZaiEvQi4KFbE6pDIsBnieJTNwMyVfDlYdrbNOqi0Uj6gELzgJzoImfaDmn4jZkgmS2W0XjZD5oKfpMXStxwhGOznN8Xjs_oXNeSjk47Ct91HHf1IhqmhO4FLNj8GUrN9y7-JmKsjLf1jyZJfdh4oySleaHIM0IpqKjjqi930QGj84omhI9OVnbMuqaE-bUnHJdRiownBgVggIabFTN5hi14v7UM2AKRCd-4LfvVNRGXRIRVAMPASbY0KQOHSYSrLKQ7XK_aPV6VbLUHTlmhbMoIY9ezzIv0h9VQvCSR_4xZI6wB2DsGHBkIanRlMLLkgmz24p_Ci6SwQyRvsZU1rYixGe3s87eJMOhM5_e3HfdIXOI9osNPei3uaYnGU8bKKwe2O7u2BZsadZ5lyRFKJeuULqRGj2Ug7lB1E7_zzWK5-X49kZeOWTtwojU6tSUlmanIYEU9Gir9H6NqfgTsGacnp11I3PxQ7qD6z6proa_LzeUgcGwpTCL2qWAevwoN9FnS2XE4E6GFomByrjEt4nf7jncDy8zXUogiNWztX23GtZeade9Us-d20RZntDVmKiOzvawY2y6xdVyrwZK5xkpH7B4DOhMsPNRM6suv5CZS78migLVd5m4qY3AsJrm8FYQ-b15Ar0URNpCGH9nqodQZOoqSinbtSgeS1Z1vKtWy9rBQylo0wtOtHprw0iMRDs5prEvxDI6ubYsQFPc5VMwWFHBxHDSfdeZEpCo_02aIGCjFOpNT2oJRufGdmXeJSyk24RhtismXVFHmTO9yu5U&cid=CAASJORoiJirsb36gl4zZNupPMKFuuqUrCbi_n8E-oKki0njs9UrAw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 02:30:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 97E6
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APQ2gQpsQ5Cgo5wLmxK0Pyv9WsI2pz1rPi8uGu2_VETx73FwTjwgJfsTdvY5Ndia7AjDb5h1kS3EqgP0y3VaDgAAVtL5hLGUlz58ORrWpD220mdIaKNkeErfBTU2GK--oKksIlkIKO4cHQc1tnJeaiib4lbw&dbm_d=AKAmf-AEaXYZMwSsDpOZaqzyamfn7mQmli3G38bPxMI3SK4TWrhbXp7RS90uAiKwSZj6I4Efytrm5dyYX1P6BhhKu2L8M9-ADeK570BV-_mJKTb5N9zc_cFTgVybdZLrIxaHdAFMD5HGSHH4ueOti7ZtyueT4-UZD6iqn3TKQgrxPz55UBReq2506ERLTHleV8Jz3Qa17MC3ddUGsbahlBw1AdxWLgt4Sw0vzMdduXIHoBu7m9h410zYc7Rsef95poWpRVwn-gflJixmrkjkZylyoKx8cIt3a9j_OCl96oEd-iS_B98pxKvhOlGXD1DhFYWcsXCqPmy5aAuLj96ATFDT0Q4hcXvJ419aTE7Aj_i8PoR-cfdfepFgoax7DgX3ZqZxCKaemjbl-nOqArS1gwAvxR4ceJVcxf4MUCavwP0hxCe6vePeQ9aIKEESMVFDruBbIlqpMVif6T7PuXFPJbdo63Ws9hokB3DIsnm9AvkyuCk3mf1fc0m9epsB7QZOSq4Z4USRHFDlBB8kIGLQe-bRaz_kliVqpuKphqsS6nmLkvd_lHfxwdGkFZVgcSpBT8BteJstQEfkDxkWsE0haSZg3aU1LEr5iEfM81q1JwPntG_IeBSe5o-t_u1KRL-TuxwGIqaD2qDSARXPtoc4e49tgwO2UYhLY9ujNtXcZ6-5C89XGPmYKDwleqYXy9pfE6mxs-aS1Vhy6Df1w_qg5AA4_X258IzmdzozFWGPeIYAKGIZLAMtm92iWn_daER0Zjc5RhG8LVcbUXYF2_H2whRGvEqFwLtK0riLvUyApvWqyr8tm7jPmFP87I3mi4TeuYPqdzgLObSN8vK6dtWSvjrPC13J8IA-0KOFbvYaMVJfn7yo2O9T82UFFgOGQ9nUAqNaBr7A9wIndOzx9C5NXhpnySKQLbTDlYSG9YL0KHfFeMzEoE7vAWgL4_1YDilQNIimUlb7pKudV0cpweT7B9WVQW9HjNHH_HOdYS5HUW2RtWpXEsFnh2Il3G5EoXj8UHIrzAWwvw8N3EIvPv2YtKtEVomsr2PHfGI_FpHq57GGIpdUvbwvUbmQ9PTK458btV6cTj44PwRGgVVcYpzZmmHO53BzAHUoD-ZzN0z6-5zT95dovDIuXYrXIBr6hsKFQo1cfxjR3okxZSpee_RCNT8Z-oB4XFHYY-Fd-nuWp-JTIi7PiNovLIhWlW7-zCKcpdx6-kgJ3kEM4GeNRdmccg9j25UPDhYfCle9yHsNzB9Bdh1hiiaTXragmsk-IOdTq-pAU4T3SVROAFbrzLzRnh-dc3mzAunWhCl-Fol2FoWAlaflGVogbBKxzV7zWmGZvR9gqHBguEFUZD2PY1iEjSMK1WLQzNzoDN18CQZI1-nQGUB4LQ1BxbbhlTWPNrM5vkDRe2zfDIm5Vz6trDy0UvW3WEqJRqzDlci5jLtxPORIUAFYBmo2Zstu-J3ZEfc-2HwB8SalB7f-envzXDxq9fzzmkKp-7hoorOMVfRFKNuKak8wEbo76jLqcG2VqURRIm30DqSKWl8RDaEjT_3uSYVyqNgu6xmQVnqZ_fdbsx9c51E9kbFQ2rv2ULO1YV4eDBNkMP6sumOn8f7RuL6TMhiRBOl6xDF7o-vdvNvjB_S9UHgCiJQRfgiYspJDOZHm2t7SenUhcF_KyzYa8GdBNxSpcw0OVbuakpTQ1Y1bQbYbgfQyucP92pkiWWD4YS-eDOixdj9W6fUNXeagoS83wiGkjnEZOlj9cP6IRBaHcXh4ll3HP-t9M1QHOLkTLs1MpqiE87P8_4CBsK05Q8PpSzZ0mHUlFjp3qYe_Zma5HziHQkC61-iSPI6s3gbRy3QcNRfSpfVwQggmj06q6oIHCbu95BIqmcZsYs_ipTwbZrxxXbpbflfTuxa8reVZEiOICGcwyQfTo8KX7zf8JQYGALKj0RnWzMmzVho3nkkgnhI1K0eObvCIK3GSWCynu_9yjC1uaHQYwl54OEMPOglBSVARUnhKy8MksevsFUUIcW_E1wvGE-pYOGJG9RPpx1fEfrT21pzxCgDRxf-PeSKXFp9c8k6iMnDNaWPCfIyzUb-hVWKFzR7CTr4RfNRc7JkJRVowW8wB7RV0Knm-CX8xdaAQuxmLBjTlegFxeV9habs3gI-vZXJb7caFT_MfgPsKeO9xaSrmurffo2PA3-y9cw7f2ORFIRZk-HBjrPuC_dG5n_Ap4Iptuh1vkn1hATRl4IzoiUivY-DdY2nngXTWi0b0suofll1k0-Cv9jrfltUj35iRIThrrH5Fbx9HHGALvEiWzwPEKSR1wIjIgIqCAOqjKOcsr61T2mMGgLvYhvAGyFuloqDy31f9dYlK2t01p5KVEINJ83Q2fHOhh8kKFgfIv6w-V-3Oql9geVHrn_zq69rCNNho8aDgbR0-4nDBEcHaTVc9XR6r4IqkXxidLyoPZLs_yr-mWsaoMFxlqOjmia_AfDJvMWtwWH13OQ0NJQqhqxond976m2UOtIawBrZKyDZk8tIWHv0hUzLNyXSwMLUHa2a4vy-p5AkAvkK8M3thr3r52sFERzyorV6KrVrU7dkjff_aNZq3GaFtC0o_khV7OyGAaK5xcDZOQDBypsd6Vk80zBvM1qbgTckrjh9-0Nk9M65aqjr9G5JPsUuaGAH7AiHJTWyGaaymAMwPdxDls-9SVu61AbkL5sd5j1f4kA7i2Td77bLxXjznGJ21uwhvokXp0EN5RPo5pP6NvlHCoZzBmLbZ2kB9ogbWNEkMr1UPluXAZnRfHcBv9WePHydGwMau2cDvXXvv6ECkyQSkNtcn68APOUDBriw562IZub93H9ENidSVb7_SRVU9M8QGFjTwH29I3FDoQB_TxAZYFAY4PzJf88gYcqbSV_caaDKuLM2K1F0JMHMGHBVYc4zYaralTuqtzkhuuvowaq-fig4A3Ka9aDCUXtibhh8T7yx8KpmUvZaiEvQi4KFbE6pDIsBnieJTNwMyVfDlYdrbNOqi0Uj6gELzgJzoImfaDmn4jZkgmS2W0XjZD5oKfpMXStxwhGOznN8Xjs_oXNeSjk47Ct91HHf1IhqmhO4FLNj8GUrN9y7-JmKsjLf1jyZJfdh4oySleaHIM0IpqKjjqi930QGj84omhI9OVnbMuqaE-bUnHJdRiownBgVggIabFTN5hi14v7UM2AKRCd-4LfvVNRGXRIRVAMPASbY0KQOHSYSrLKQ7XK_aPV6VbLUHTlmhbMoIY9ezzIv0h9VQvCSR_4xZI6wB2DsGHBkIanRlMLLkgmz24p_Ci6SwQyRvsZU1rYixGe3s87eJMOhM5_e3HfdIXOI9osNPei3uaYnGU8bKKwe2O7u2BZsadZ5lyRFKJeuULqRGj2Ug7lB1E7_zzWK5-X49kZeOWTtwojU6tSUlmanIYEU9Gir9H6NqfgTsGacnp11I3PxQ7qD6z6proa_LzeUgcGwpTCL2qWAevwoN9FnS2XE4E6GFomByrjEt4nf7jncDy8zXUogiNWztX23GtZeade9Us-d20RZntDVmKiOzvawY2y6xdVyrwZK5xkpH7B4DOhMsPNRM6suv5CZS78migLVd5m4qY3AsJrm8FYQ-b15Ar0URNpCGH9nqodQZOoqSinbtSgeS1Z1vKtWy9rBQylo0wtOtHprw0iMRDs5prEvxDI6ubYsQFPc5VMwWFHBxHDSfdeZEpCo_02aIGCjFOpNT2oJRufGdmXeJSyk24RhtismXVFHmTO9yu5U&cid=CAASJORoiJirsb36gl4zZNupPMKFuuqUrCbi_n8E-oKki0njs9UrAw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 19:43:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 97E6
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYf_uEo_Lvqz90sct31-ZwXCCKUadgcbsOt-Q0CqmicbVKJPvofWG--23O-f-7Wh8ln650dz93T25EgfSKcHbo-YobtOGMxOHzP3D0oLVfjsSxxH9lA1KYzlRBAeULOXVoUMHDQpv0cPXR2-e4NYD_-JVhb_WTRTLPk4uqrMLNw2YKUQupRp35p23XBjn6msoZ1Ti-Z7OJpNDvFY6PN3NtcmGE2kASAxaKhMTIfMMPvl_uaumCnQdYwwCUG_rsfFatubccjWcJ-xpUytxANSUqVU2SOaXGp5qgujao_qdx6k6_dDjWpsaMGoTF9fjJvaiKWiz3jMJvhy8pAsyFIYvyzI8YxaIPsUTF_s0BxU1RRB_H7pDPIkr3vJKTcH4ePM7o80rxfvS3lmxV94DqYK-M1mnPzym93HvVZ3trMSsyl0ZQ8T-BsOcyiBJQkLyqZV1H2_OgV7EDw7Brq6vrl2sC7YjQT3jAD1rf60uRmU5f2LRUI8w-gNMmwXQjlvwF_1_Lz9bQJ7OdxGE35dw06-WLW8ezZ8ojpDwnL_Ar475FmzSyjRRUJEgWDzlONy1wFvJeY73ifYpz0UChkpkOr3ymub-OqOE_YH7n51VHCHbhVIUtVWXiBOzBQLeBdFfjZJVFXlMAexBFlQFo5Rt6CPpQrxoOkWr1gngG-RDvEX-c_t4wroOf5MKqJ5iV7VHwu7QUTiCK5ARKHv6EOiDqAEq_i7JZ8mJ-AoFE1dmM2lIjE00ZKH4qcCQD9zuf3PSf0TQ-tIU9eQ8kXGorKDL0sOA1tSpG8z5lUdniQh7Crh4CkgioTSyoUUfzT9C3nm8xngPblam79Yh7qvVa2fYSzWgrv7baaDUC0AePa4czkaXNzM6jTnnKL2Q9eenaO7h-pARJH5CcW9NEIqweQB0eiEvKMINL9VvDROTN3LmlJzdTdVW7dxNihab4Cg84ka7DxkhAeP0S23ISpvkA0s8V3pgmKQyVTyYUJaqrHtqD997MCAdYDKk-6nkTuPPnGxKp7La-F0m8BQM9uC-2WHaXmKU176rZXntNXM10fbm8xO4e3qRQj_BzVLkJEhiSQ2ij5qy3swv4fuXj4TQ3XrKvLXTGl9H0-44vqiUU1iDEVPXXoBtsEg-08ZVvlG8A8ipfpW9vpgVL7pFLUOp_FJZeFN8DaQbtb_ReDF_qbu7YZkKvEsy0NrMdilTGSZ82Q1Irfbr-RZgOpyhcSadWblBAXbt-Omx8L_nI40ZneBftDcZrNchpH-w0VjiPUqIDOpFmZpFoBgCK99INStHMJUj3weDqVw&sai=AMfl-YSXQ-FPWQKMylTBmu0--gICaeB2ZaBNUZAxdfjY6eaxCUYeQp9lCQTiVUh9859gR9ozf0PurvlmvQhUsdxDVVoXbGo8jfA2bf7pndoMvOJ4KD-KeUmzm3ZOTYKLfkvpaBfiWOckGuU1zUIAspYrny9-IO5PwWt5LE2bgy7xSVbrM8KNRCNXWQvCFYwN_WIv22FeN6_7fi-7NEFnEhlhJA&sig=Cg0ArKJSzEU-xjRbvD7NEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220629.34322&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APQ2gQpsQ5Cgo5wLmxK0Pyv9WsI2pz1rPi8uGu2_VETx73FwTjwgJfsTdvY5Ndia7AjDb5h1kS3EqgP0y3VaDgAAVtL5hLGUlz58ORrWpD220mdIaKNkeErfBTU2GK--oKksIlkIKO4cHQc1tnJeaiib4lbw&dbm_d=AKAmf-AEaXYZMwSsDpOZaqzyamfn7mQmli3G38bPxMI3SK4TWrhbXp7RS90uAiKwSZj6I4Efytrm5dyYX1P6BhhKu2L8M9-ADeK570BV-_mJKTb5N9zc_cFTgVybdZLrIxaHdAFMD5HGSHH4ueOti7ZtyueT4-UZD6iqn3TKQgrxPz55UBReq2506ERLTHleV8Jz3Qa17MC3ddUGsbahlBw1AdxWLgt4Sw0vzMdduXIHoBu7m9h410zYc7Rsef95poWpRVwn-gflJixmrkjkZylyoKx8cIt3a9j_OCl96oEd-iS_B98pxKvhOlGXD1DhFYWcsXCqPmy5aAuLj96ATFDT0Q4hcXvJ419aTE7Aj_i8PoR-cfdfepFgoax7DgX3ZqZxCKaemjbl-nOqArS1gwAvxR4ceJVcxf4MUCavwP0hxCe6vePeQ9aIKEESMVFDruBbIlqpMVif6T7PuXFPJbdo63Ws9hokB3DIsnm9AvkyuCk3mf1fc0m9epsB7QZOSq4Z4USRHFDlBB8kIGLQe-bRaz_kliVqpuKphqsS6nmLkvd_lHfxwdGkFZVgcSpBT8BteJstQEfkDxkWsE0haSZg3aU1LEr5iEfM81q1JwPntG_IeBSe5o-t_u1KRL-TuxwGIqaD2qDSARXPtoc4e49tgwO2UYhLY9ujNtXcZ6-5C89XGPmYKDwleqYXy9pfE6mxs-aS1Vhy6Df1w_qg5AA4_X258IzmdzozFWGPeIYAKGIZLAMtm92iWn_daER0Zjc5RhG8LVcbUXYF2_H2whRGvEqFwLtK0riLvUyApvWqyr8tm7jPmFP87I3mi4TeuYPqdzgLObSN8vK6dtWSvjrPC13J8IA-0KOFbvYaMVJfn7yo2O9T82UFFgOGQ9nUAqNaBr7A9wIndOzx9C5NXhpnySKQLbTDlYSG9YL0KHfFeMzEoE7vAWgL4_1YDilQNIimUlb7pKudV0cpweT7B9WVQW9HjNHH_HOdYS5HUW2RtWpXEsFnh2Il3G5EoXj8UHIrzAWwvw8N3EIvPv2YtKtEVomsr2PHfGI_FpHq57GGIpdUvbwvUbmQ9PTK458btV6cTj44PwRGgVVcYpzZmmHO53BzAHUoD-ZzN0z6-5zT95dovDIuXYrXIBr6hsKFQo1cfxjR3okxZSpee_RCNT8Z-oB4XFHYY-Fd-nuWp-JTIi7PiNovLIhWlW7-zCKcpdx6-kgJ3kEM4GeNRdmccg9j25UPDhYfCle9yHsNzB9Bdh1hiiaTXragmsk-IOdTq-pAU4T3SVROAFbrzLzRnh-dc3mzAunWhCl-Fol2FoWAlaflGVogbBKxzV7zWmGZvR9gqHBguEFUZD2PY1iEjSMK1WLQzNzoDN18CQZI1-nQGUB4LQ1BxbbhlTWPNrM5vkDRe2zfDIm5Vz6trDy0UvW3WEqJRqzDlci5jLtxPORIUAFYBmo2Zstu-J3ZEfc-2HwB8SalB7f-envzXDxq9fzzmkKp-7hoorOMVfRFKNuKak8wEbo76jLqcG2VqURRIm30DqSKWl8RDaEjT_3uSYVyqNgu6xmQVnqZ_fdbsx9c51E9kbFQ2rv2ULO1YV4eDBNkMP6sumOn8f7RuL6TMhiRBOl6xDF7o-vdvNvjB_S9UHgCiJQRfgiYspJDOZHm2t7SenUhcF_KyzYa8GdBNxSpcw0OVbuakpTQ1Y1bQbYbgfQyucP92pkiWWD4YS-eDOixdj9W6fUNXeagoS83wiGkjnEZOlj9cP6IRBaHcXh4ll3HP-t9M1QHOLkTLs1MpqiE87P8_4CBsK05Q8PpSzZ0mHUlFjp3qYe_Zma5HziHQkC61-iSPI6s3gbRy3QcNRfSpfVwQggmj06q6oIHCbu95BIqmcZsYs_ipTwbZrxxXbpbflfTuxa8reVZEiOICGcwyQfTo8KX7zf8JQYGALKj0RnWzMmzVho3nkkgnhI1K0eObvCIK3GSWCynu_9yjC1uaHQYwl54OEMPOglBSVARUnhKy8MksevsFUUIcW_E1wvGE-pYOGJG9RPpx1fEfrT21pzxCgDRxf-PeSKXFp9c8k6iMnDNaWPCfIyzUb-hVWKFzR7CTr4RfNRc7JkJRVowW8wB7RV0Knm-CX8xdaAQuxmLBjTlegFxeV9habs3gI-vZXJb7caFT_MfgPsKeO9xaSrmurffo2PA3-y9cw7f2ORFIRZk-HBjrPuC_dG5n_Ap4Iptuh1vkn1hATRl4IzoiUivY-DdY2nngXTWi0b0suofll1k0-Cv9jrfltUj35iRIThrrH5Fbx9HHGALvEiWzwPEKSR1wIjIgIqCAOqjKOcsr61T2mMGgLvYhvAGyFuloqDy31f9dYlK2t01p5KVEINJ83Q2fHOhh8kKFgfIv6w-V-3Oql9geVHrn_zq69rCNNho8aDgbR0-4nDBEcHaTVc9XR6r4IqkXxidLyoPZLs_yr-mWsaoMFxlqOjmia_AfDJvMWtwWH13OQ0NJQqhqxond976m2UOtIawBrZKyDZk8tIWHv0hUzLNyXSwMLUHa2a4vy-p5AkAvkK8M3thr3r52sFERzyorV6KrVrU7dkjff_aNZq3GaFtC0o_khV7OyGAaK5xcDZOQDBypsd6Vk80zBvM1qbgTckrjh9-0Nk9M65aqjr9G5JPsUuaGAH7AiHJTWyGaaymAMwPdxDls-9SVu61AbkL5sd5j1f4kA7i2Td77bLxXjznGJ21uwhvokXp0EN5RPo5pP6NvlHCoZzBmLbZ2kB9ogbWNEkMr1UPluXAZnRfHcBv9WePHydGwMau2cDvXXvv6ECkyQSkNtcn68APOUDBriw562IZub93H9ENidSVb7_SRVU9M8QGFjTwH29I3FDoQB_TxAZYFAY4PzJf88gYcqbSV_caaDKuLM2K1F0JMHMGHBVYc4zYaralTuqtzkhuuvowaq-fig4A3Ka9aDCUXtibhh8T7yx8KpmUvZaiEvQi4KFbE6pDIsBnieJTNwMyVfDlYdrbNOqi0Uj6gELzgJzoImfaDmn4jZkgmS2W0XjZD5oKfpMXStxwhGOznN8Xjs_oXNeSjk47Ct91HHf1IhqmhO4FLNj8GUrN9y7-JmKsjLf1jyZJfdh4oySleaHIM0IpqKjjqi930QGj84omhI9OVnbMuqaE-bUnHJdRiownBgVggIabFTN5hi14v7UM2AKRCd-4LfvVNRGXRIRVAMPASbY0KQOHSYSrLKQ7XK_aPV6VbLUHTlmhbMoIY9ezzIv0h9VQvCSR_4xZI6wB2DsGHBkIanRlMLLkgmz24p_Ci6SwQyRvsZU1rYixGe3s87eJMOhM5_e3HfdIXOI9osNPei3uaYnGU8bKKwe2O7u2BZsadZ5lyRFKJeuULqRGj2Ug7lB1E7_zzWK5-X49kZeOWTtwojU6tSUlmanIYEU9Gir9H6NqfgTsGacnp11I3PxQ7qD6z6proa_LzeUgcGwpTCL2qWAevwoN9FnS2XE4E6GFomByrjEt4nf7jncDy8zXUogiNWztX23GtZeade9Us-d20RZntDVmKiOzvawY2y6xdVyrwZK5xkpH7B4DOhMsPNRM6suv5CZS78migLVd5m4qY3AsJrm8FYQ-b15Ar0URNpCGH9nqodQZOoqSinbtSgeS1Z1vKtWy9rBQylo0wtOtHprw0iMRDs5prEvxDI6ubYsQFPc5VMwWFHBxHDSfdeZEpCo_02aIGCjFOpNT2oJRufGdmXeJSyk24RhtismXVFHmTO9yu5U&cid=CAASJORoiJirsb36gl4zZNupPMKFuuqUrCbi_n8E-oKki0njs9UrAw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 05 Jul 2022 02:39:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 97E6
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APQ2gQpsQ5Cgo5wLmxK0Pyv9WsI2pz1rPi8uGu2_VETx73FwTjwgJfsTdvY5Ndia7AjDb5h1kS3EqgP0y3VaDgAAVtL5hLGUlz58ORrWpD220mdIaKNkeErfBTU2GK--oKksIlkIKO4cHQc1tnJeaiib4lbw&dbm_d=AKAmf-AEaXYZMwSsDpOZaqzyamfn7mQmli3G38bPxMI3SK4TWrhbXp7RS90uAiKwSZj6I4Efytrm5dyYX1P6BhhKu2L8M9-ADeK570BV-_mJKTb5N9zc_cFTgVybdZLrIxaHdAFMD5HGSHH4ueOti7ZtyueT4-UZD6iqn3TKQgrxPz55UBReq2506ERLTHleV8Jz3Qa17MC3ddUGsbahlBw1AdxWLgt4Sw0vzMdduXIHoBu7m9h410zYc7Rsef95poWpRVwn-gflJixmrkjkZylyoKx8cIt3a9j_OCl96oEd-iS_B98pxKvhOlGXD1DhFYWcsXCqPmy5aAuLj96ATFDT0Q4hcXvJ419aTE7Aj_i8PoR-cfdfepFgoax7DgX3ZqZxCKaemjbl-nOqArS1gwAvxR4ceJVcxf4MUCavwP0hxCe6vePeQ9aIKEESMVFDruBbIlqpMVif6T7PuXFPJbdo63Ws9hokB3DIsnm9AvkyuCk3mf1fc0m9epsB7QZOSq4Z4USRHFDlBB8kIGLQe-bRaz_kliVqpuKphqsS6nmLkvd_lHfxwdGkFZVgcSpBT8BteJstQEfkDxkWsE0haSZg3aU1LEr5iEfM81q1JwPntG_IeBSe5o-t_u1KRL-TuxwGIqaD2qDSARXPtoc4e49tgwO2UYhLY9ujNtXcZ6-5C89XGPmYKDwleqYXy9pfE6mxs-aS1Vhy6Df1w_qg5AA4_X258IzmdzozFWGPeIYAKGIZLAMtm92iWn_daER0Zjc5RhG8LVcbUXYF2_H2whRGvEqFwLtK0riLvUyApvWqyr8tm7jPmFP87I3mi4TeuYPqdzgLObSN8vK6dtWSvjrPC13J8IA-0KOFbvYaMVJfn7yo2O9T82UFFgOGQ9nUAqNaBr7A9wIndOzx9C5NXhpnySKQLbTDlYSG9YL0KHfFeMzEoE7vAWgL4_1YDilQNIimUlb7pKudV0cpweT7B9WVQW9HjNHH_HOdYS5HUW2RtWpXEsFnh2Il3G5EoXj8UHIrzAWwvw8N3EIvPv2YtKtEVomsr2PHfGI_FpHq57GGIpdUvbwvUbmQ9PTK458btV6cTj44PwRGgVVcYpzZmmHO53BzAHUoD-ZzN0z6-5zT95dovDIuXYrXIBr6hsKFQo1cfxjR3okxZSpee_RCNT8Z-oB4XFHYY-Fd-nuWp-JTIi7PiNovLIhWlW7-zCKcpdx6-kgJ3kEM4GeNRdmccg9j25UPDhYfCle9yHsNzB9Bdh1hiiaTXragmsk-IOdTq-pAU4T3SVROAFbrzLzRnh-dc3mzAunWhCl-Fol2FoWAlaflGVogbBKxzV7zWmGZvR9gqHBguEFUZD2PY1iEjSMK1WLQzNzoDN18CQZI1-nQGUB4LQ1BxbbhlTWPNrM5vkDRe2zfDIm5Vz6trDy0UvW3WEqJRqzDlci5jLtxPORIUAFYBmo2Zstu-J3ZEfc-2HwB8SalB7f-envzXDxq9fzzmkKp-7hoorOMVfRFKNuKak8wEbo76jLqcG2VqURRIm30DqSKWl8RDaEjT_3uSYVyqNgu6xmQVnqZ_fdbsx9c51E9kbFQ2rv2ULO1YV4eDBNkMP6sumOn8f7RuL6TMhiRBOl6xDF7o-vdvNvjB_S9UHgCiJQRfgiYspJDOZHm2t7SenUhcF_KyzYa8GdBNxSpcw0OVbuakpTQ1Y1bQbYbgfQyucP92pkiWWD4YS-eDOixdj9W6fUNXeagoS83wiGkjnEZOlj9cP6IRBaHcXh4ll3HP-t9M1QHOLkTLs1MpqiE87P8_4CBsK05Q8PpSzZ0mHUlFjp3qYe_Zma5HziHQkC61-iSPI6s3gbRy3QcNRfSpfVwQggmj06q6oIHCbu95BIqmcZsYs_ipTwbZrxxXbpbflfTuxa8reVZEiOICGcwyQfTo8KX7zf8JQYGALKj0RnWzMmzVho3nkkgnhI1K0eObvCIK3GSWCynu_9yjC1uaHQYwl54OEMPOglBSVARUnhKy8MksevsFUUIcW_E1wvGE-pYOGJG9RPpx1fEfrT21pzxCgDRxf-PeSKXFp9c8k6iMnDNaWPCfIyzUb-hVWKFzR7CTr4RfNRc7JkJRVowW8wB7RV0Knm-CX8xdaAQuxmLBjTlegFxeV9habs3gI-vZXJb7caFT_MfgPsKeO9xaSrmurffo2PA3-y9cw7f2ORFIRZk-HBjrPuC_dG5n_Ap4Iptuh1vkn1hATRl4IzoiUivY-DdY2nngXTWi0b0suofll1k0-Cv9jrfltUj35iRIThrrH5Fbx9HHGALvEiWzwPEKSR1wIjIgIqCAOqjKOcsr61T2mMGgLvYhvAGyFuloqDy31f9dYlK2t01p5KVEINJ83Q2fHOhh8kKFgfIv6w-V-3Oql9geVHrn_zq69rCNNho8aDgbR0-4nDBEcHaTVc9XR6r4IqkXxidLyoPZLs_yr-mWsaoMFxlqOjmia_AfDJvMWtwWH13OQ0NJQqhqxond976m2UOtIawBrZKyDZk8tIWHv0hUzLNyXSwMLUHa2a4vy-p5AkAvkK8M3thr3r52sFERzyorV6KrVrU7dkjff_aNZq3GaFtC0o_khV7OyGAaK5xcDZOQDBypsd6Vk80zBvM1qbgTckrjh9-0Nk9M65aqjr9G5JPsUuaGAH7AiHJTWyGaaymAMwPdxDls-9SVu61AbkL5sd5j1f4kA7i2Td77bLxXjznGJ21uwhvokXp0EN5RPo5pP6NvlHCoZzBmLbZ2kB9ogbWNEkMr1UPluXAZnRfHcBv9WePHydGwMau2cDvXXvv6ECkyQSkNtcn68APOUDBriw562IZub93H9ENidSVb7_SRVU9M8QGFjTwH29I3FDoQB_TxAZYFAY4PzJf88gYcqbSV_caaDKuLM2K1F0JMHMGHBVYc4zYaralTuqtzkhuuvowaq-fig4A3Ka9aDCUXtibhh8T7yx8KpmUvZaiEvQi4KFbE6pDIsBnieJTNwMyVfDlYdrbNOqi0Uj6gELzgJzoImfaDmn4jZkgmS2W0XjZD5oKfpMXStxwhGOznN8Xjs_oXNeSjk47Ct91HHf1IhqmhO4FLNj8GUrN9y7-JmKsjLf1jyZJfdh4oySleaHIM0IpqKjjqi930QGj84omhI9OVnbMuqaE-bUnHJdRiownBgVggIabFTN5hi14v7UM2AKRCd-4LfvVNRGXRIRVAMPASbY0KQOHSYSrLKQ7XK_aPV6VbLUHTlmhbMoIY9ezzIv0h9VQvCSR_4xZI6wB2DsGHBkIanRlMLLkgmz24p_Ci6SwQyRvsZU1rYixGe3s87eJMOhM5_e3HfdIXOI9osNPei3uaYnGU8bKKwe2O7u2BZsadZ5lyRFKJeuULqRGj2Ug7lB1E7_zzWK5-X49kZeOWTtwojU6tSUlmanIYEU9Gir9H6NqfgTsGacnp11I3PxQ7qD6z6proa_LzeUgcGwpTCL2qWAevwoN9FnS2XE4E6GFomByrjEt4nf7jncDy8zXUogiNWztX23GtZeade9Us-d20RZntDVmKiOzvawY2y6xdVyrwZK5xkpH7B4DOhMsPNRM6suv5CZS78migLVd5m4qY3AsJrm8FYQ-b15Ar0URNpCGH9nqodQZOoqSinbtSgeS1Z1vKtWy9rBQylo0wtOtHprw0iMRDs5prEvxDI6ubYsQFPc5VMwWFHBxHDSfdeZEpCo_02aIGCjFOpNT2oJRufGdmXeJSyk24RhtismXVFHmTO9yu5U&cid=CAASJORoiJirsb36gl4zZNupPMKFuuqUrCbi_n8E-oKki0njs9UrAw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 11:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 11:50:18 GMT
5347355815298298888
s0.2mdn.net/simgad/ Frame 97E6
602 KB
602 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/5347355815298298888
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18fea670d670246cb871f9c979342ea1934c586df53614fdf775a9e65e2e4518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 11:13:59 GMT
x-content-type-options
nosniff
age
55529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
616038
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 19:28:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 11:13:59 GMT
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 476A
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame A5F5
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENRzFIkRbcy686mgewEMTvs&google_cver=1&google_push=ARnp8GB4WhduWt7lJ1u5NsLC23ZGTIEp_WiI-8_ntGioGDwJBgQPx8BFw6RzP3WSY6Nz1M13FQWWYLtR1k9dOpRLNGqqXbFgu1hm
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame A5F5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOsI8qeUdPb0dLQAVi_De_8&google_cver=1&google_push=ARnp8GCJR36Kp5LwnB5nxrlTKgazvExxxzAVHGCik3-WzSLbBv_UExu14cPQu9ccvV32U9oao4k-_rpIVRArzp3HV0SbO_C...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCJR36Kp5LwnB5nxrlTKgazvExxxzAVHGCik3-WzSLbBv_UExu14cPQu9ccvV32U9oao4k-_rpIVRArzp3HV0SbO_CnK_y9IA&google_hm=NzcwNzQxMTM4MjQxMjMw...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCJR36Kp5LwnB5nxrlTKgazvExxxzAVHGCik3-WzSLbBv_UExu14cPQu9ccvV32U9oao4k-_rpIVRArzp3HV0SbO_CnK_y9IA&google_hm=NzcwNzQxMTM4MjQxMjMwODU1NQ%3D%3D
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Jul 2022 02:39:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCJR36Kp5LwnB5nxrlTKgazvExxxzAVHGCik3-WzSLbBv_UExu14cPQu9ccvV32U9oao4k-_rpIVRArzp3HV0SbO_CnK_y9IA&google_hm=NzcwNzQxMTM4MjQxMjMwODU1NQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame A5F5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELrZtr0YB5UWIe9bqNBLhIw&google_cver=1&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOvMB...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELrZtr0YB5UWIe9bqNBLhIw&google_cver=1&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOv...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOvMBrJVJ_Sw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOvMBrJVJ_Sw
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ARnp8GBBAMIRwQLxDfd2JHrXLPSCLstjLDcjEPND-KVTcK5Mraq804-aTd0ZqTAywMf1D4yMWjL-CcWPbrcP2SEJW1eOvMBrJVJ_Sw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame A5F5
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBzn5KSStn88XUi8jWy3zCs&google_cver=1&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJM...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBzn5KSStn88XUi8jWy3zCs&google_cver=1&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJMb3vQZsP22CCTQ&google_hm=E7CfqGZHanM4f790Thm9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJMb3vQZsP22CCTQ&google_hm=E7CfqGZHanM4f790Thm9zbEH
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Jul 2022 02:39:28 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GBELrloVBTLtGWjms9QNtV1AUD7k4rIpouiaQREhhHsEVDaMiQ_mj964dKwHL9RjTLbwfXnZHsqf-FSEKNJMb3vQZsP22CCTQ&google_hm=E7CfqGZHanM4f790Thm9zbEH
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame A5F5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIG_6j6cE2BNG-ZmP6u23zw&google_cver=1&google_push=ARnp8GDBNzRZnMTqr3hYCGkBE8ukxqzSWmBUIfXtCHl_RLmL0nBUETqi-w4RSKMJPmGCh2bBBspNOGSdZokL...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDBNzRZnMTqr3hYCGkBE8ukxqzSWmBUIfXtCHl_RLmL0nBUETqi-w4RSKMJPmGCh2bBBspNOGSdZokLQXMNoch89XEruOsP0Q
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDBNzRZnMTqr3hYCGkBE8ukxqzSWmBUIfXtCHl_RLmL0nBUETqi-w4RSKMJPmGCh2bBBspNOGSdZokLQXMNoch89XEruOsP0Q
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDBNzRZnMTqr3hYCGkBE8ukxqzSWmBUIfXtCHl_RLmL0nBUETqi-w4RSKMJPmGCh2bBBspNOGSdZokLQXMNoch89XEruOsP0Q
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame A5F5
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEorfVaZ3pxUrlCVnlG6Bt8&google_cver=1&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrxU1O4Ghe...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEorfVaZ3pxUrlCVnlG6Bt8&google_cver=1&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrxU...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cun3XEjIRfKZA8GnWb8a7A&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrx...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cun3XEjIRfKZA8GnWb8a7A&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrxU1O4Ghe6ktk-8iw
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cun3XEjIRfKZA8GnWb8a7A&google_push=ARnp8GAq9n2u6mMUYOTl2iUQrtP6JCiqowSp0iywhQlgZCMnYCeEowcG8c0sM9dxmHICpu6O7rrC5YXvQDOVsrxU1O4Ghe6ktk-8iw
date
Tue, 05 Jul 2022 02:39:28 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame A5F5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kty4wLT8u2p0qzbvaNLd0N-fEg4df0N5XHp3hXS8HwfdYnQbaPxArj_rDhs5NRPg
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame BB59
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=7c2cc259-6959-55cd-5e84-c825e2b2eac1&tv=%7Bc:hsnnJ4,time:800,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:800,n:394,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:356,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B51~1,1~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:o,t:394,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B406~0%5D,as:%5B406~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:taG00ii+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1b%7C1c%7C1d%7C1e*.930701%7C1e1%7C1e2%7C1e31%7C1e4%7C1f1%7C1f2%7C1g1%7C1h1,idMap:1e*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1331:3de6:525d:5ddb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame 3A4C
25 KB
25 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cec2ee8aca9d793478470efb93ecf9b897a597e196d970efaa101e0d18ce92c

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/octet-stream
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 5D61
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F869
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
47596
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6B2B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
53349
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 11:50:19 GMT
expires
Tue, 04 Jul 2023 11:50:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 97E6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7108163c3afcc4ab95a0b543c485b8697129dc956a29e09103fdd9192b991496

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 988E
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
dt
dt.adsafeprotected.com/ Frame BB59
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=7c2cc259-6959-55cd-5e84-c825e2b2eac1&tv=%7Bc:hsnnLh,pingTime:-10,time:937,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1656988768439%7C%7Cc1ae0b40ae254805436f95d22ea15aba%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cfece7f2a74b11459cafbd3dbc30a2299%7C%7C21dc8f330cf541a70a287689497e0150%7C%7C4e45422bf6aeae67a1f2063cff3b761f%7C%7Ca287d35c709679e5cd6db1f4b03e5474%7C%7C34333fd8491bf5da3d9c9e6749b6c7ea%7C%7C1629390669%7D
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:1331:3de6:525d:5ddb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
optad360.js
serving.stat-rock.com/player/
310 KB
98 KB
Script
General
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
content-encoding
gzip
last-modified
Fri, 01 Apr 2022 11:51:27 GMT
server
nginx
etag
W/"6246e73f-4d83b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
prebid
ib.adnxs.com/ut/v3/
146 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e1963b2e32967eb1f725a8d8e2856f4deb72895a289020b9f5b8e5b5bb6433a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8ef682a7-a301-4b71-9fe2-c0af9fe17455
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/
0
499 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 05 Jul 2022 02:39:28 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame F869
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBFpuLTFe84pFu8u14058yg&google_cver=1&google_push=ARnp8GCtCyvpdu1rqdobou7uL6FGhjE8GAbKNKg5SwQdcWHpM4Hp72xqw0HAhgb3oVh2ljt4cpujt6DbSIb8zTOB...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfWOOuzxRuuQceXhiI-T6g2&google_push=ARnp8GCtCyvpdu1rqdobou7uL6FGhjE8GAbKNKg5SwQdcWHpM4Hp72xqw0HAhgb3oVh2ljt4cpujt6DbSIb8zTOBKMimHBeUBSzrMQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfWOOuzxRuuQceXhiI-T6g2&google_push=ARnp8GCtCyvpdu1rqdobou7uL6FGhjE8GAbKNKg5SwQdcWHpM4Hp72xqw0HAhgb3oVh2ljt4cpujt6DbSIb8zTOBKMimHBeUBSzrMQ
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Jul 2022 02:39:28 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfWOOuzxRuuQceXhiI-T6g2&google_push=ARnp8GCtCyvpdu1rqdobou7uL6FGhjE8GAbKNKg5SwQdcWHpM4Hp72xqw0HAhgb3oVh2ljt4cpujt6DbSIb8zTOBKMimHBeUBSzrMQ
x-host
tde-deliveryengine-production-865cd4f6bd-kqrb6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F869
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEMRLDO8FkLZevjw5d-SFx-I&google_cver=1&google_push=ARnp8GBLtlNu5LX75ZS3j0p1BlhhsxFLwKsZXOHPr4Pg_NmEsmlEAHz-3S402TS0gsU4_mAPgHTRO2N95wjONk8pfg18lSoxidAFmg
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NzlSWDl6bnpCTFNTSDJSZ1lhVERZZw%3D%3D&google_push=ARnp8GBLtlNu5LX75ZS3j0p1BlhhsxFLwKsZXOHPr4Pg_NmEsmlEAHz-3S402TS0gsU4_mAPgHTRO2N95wjON...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NzlSWDl6bnpCTFNTSDJSZ1lhVERZZw%3D%3D&google_push=ARnp8GBLtlNu5LX75ZS3j0p1BlhhsxFLwKsZXOHPr4Pg_NmEsmlEAHz-3S402TS0gsU4_mAPgHTRO2N95wjONk8pfg18lSoxidAFmg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NzlSWDl6bnpCTFNTSDJSZ1lhVERZZw%3D%3D&google_push=ARnp8GBLtlNu5LX75ZS3j0p1BlhhsxFLwKsZXOHPr4Pg_NmEsmlEAHz-3S402TS0gsU4_mAPgHTRO2N95wjONk8pfg18lSoxidAFmg
date
Tue, 05 Jul 2022 02:39:29 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
245
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame F869
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEJ7mV9u-McCKm0RbHI4XHQw&google_cver=1&google_push=ARnp8GDqGCG7tLsYET6C8W5r5HWcTixwbD6PBY_9LYLYdaJn9uktvKvur39twVTA6l_Wm...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GDqGCG7tLsYET6C8W5r5HWcTixwbD6PBY_9LYLYdaJn9uktvKvur39twVTA6l_WmWHQU6nPA4R8DlpCHAezIMTcvEULLoS9hg&google_hm=QWpZYTV2Q2FHN0RJYVNPM2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GDqGCG7tLsYET6C8W5r5HWcTixwbD6PBY_9LYLYdaJn9uktvKvur39twVTA6l_WmWHQU6nPA4R8DlpCHAezIMTcvEULLoS9hg&google_hm=QWpZYTV2Q2FHN0RJYVNPM2hmYWlPVXc=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=ARnp8GDqGCG7tLsYET6C8W5r5HWcTixwbD6PBY_9LYLYdaJn9uktvKvur39twVTA6l_WmWHQU6nPA4R8DlpCHAezIMTcvEULLoS9hg&google_hm=QWpZYTV2Q2FHN0RJYVNPM2hmYWlPVXc=
Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
dds
rtb.openx.net/sync/ Frame F869
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDT3J6jvSTioRsLAW7erzsc&google_cver=1&google_push=ARnp8GAx65yxxbyLcL208VUozai8b3dVTZ7N7SQzk2MuM-oe64K75k6Ypz1UETOJMn33x4PYj__cv0sKpc8GaeNq1qFgn1hAlPWq
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
op05lhhlcrqt9vqob7qv0bf70pfqmpjf
pixel
cm.g.doubleclick.net/ Frame F869
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ct0ULQ62RsOkcvmY5EKolg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ct0ULQ62RsOkcvmY5EKolg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GC5LvQJoYa9gRWTV-bLAAGF4k_TwP0y6mN7FDfUjaelkfsj9LjWZ7LObCGHR3XsW9OltmPbXjLr7r_Sh4TeJR6P7hkeI_b2cA
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ct0ULQ62RsOkcvmY5EKolg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GC5LvQJoYa9gRWTV-bLAAGF4k_TwP0y6mN7FDfUjaelkfsj9LjWZ7LObCGHR3XsW9OltmPbXjLr7r_Sh4TeJR6P7hkeI_b2cA
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
dsp.adkernel.com/ Frame F869
42 B
233 B
Image
General
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEGPNMk6_mKRd3U1vsCGB-Vs&google_cver=1&google_push=ARnp8GDTCSidOcNL5Jkw1uZHBryxw9XXWZNOMaXO1N3C_pTgb0AAid_j-A3PVe3ltP-1Khv9RoEG75GjosoBkr8yndSeTOR7q57QrA
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
sync
ssbsync.smartadserver.com/api/ Frame F869
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBOkVo7SNGpW4T2hjOcuxFk&google_cver=1&google_push=ARnp8GCNG7sJZJewKjx2kcqRqr0wvn7ecr9lbQdWw3W8LS_wJkt83DKCFXS2pG8VHJOTAx96mieQAdTxvOwkU-gef8ZKX5aSW9thxA
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:27 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame F869
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JA_gnuw9NCpIB7kb5FBlU256FeYaq64C2eZsbG9bgxNk3oTOsizVRr0ZgTD2JWEolSpjxj
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 6B2B
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7140
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRhfiZp0SfZSUzQ2KAc2GkWJii0kzoB1mq3aLeFKrXLHIplcPexA9qX9rvGDbG_11FhJ7xMotsbrHC8AfMNnHs3IObQbExokSaPxuy6SM_SoH25WhrtPECLp21oSezsUmSLKp6XW-uVDh3xCNqpSG1sjMBMrRuo85hfNtiSkD7tJJcUINo5mnLbcPpcdFG6XsIddgG_PEBGkcHKzBLj09rHRW5yd38yL0Ghh40Y9bmQFxMqQH4-kEZ2xjtplp2wpywMLXmVlsrf2mzudSv2T-0zOAqEO5GkVJn4E466Ans_WntoTevpHqEnu6N1Thr-LRhB_5WpyO9AwNLZ3vgmsZPWzRFm98Z6QJVRVDI3lueqkuFfqcPq2E1NHgNLGnDVlHbxmIQoxw38EtLLMRHe7TuvlKlAcd_t1lTxogU_OKsUERbjJlOzJ8eT9fGio9U6ocnHGHF4trIMj4bCZzTpQXYaNrOcKLXz0KU_7VtJwHiR9CyITQ0Z5FqmlbcPF0ijT2DqbPpeN-9EeNY-u9Wm1Rm8yncFGJMbFR7JbJDs5s5zmntq0sNhCfL5zbAW2bPoVl9HVowI_Cd9FCM4w6PvtgBnRaM3ROJsvQTdB8nC_rHwjPELAwK8u69l8gaLmfthpOyQeALIX2cC4HG18xeA7qN6R596h1GNIdlvunYBc8RsO2TrnhdaaT4-lTIRgwfHliTEeeTZOJqXZ1NcDV43q8G1-6RFSIn8dsJ-ZLSTUnvbio0tWmcW3vzWHZ8A5Zz-maPrQrq-fmEYS0cby7jDfB-mFChlAv0P0KZupbBX99IN8WGqXcOc-fgQNISqOX1OUXHkopEa3VlkfkGc4jJjH_hYhFGU9sL6YOXj4l8_O1JnXviFfhE431gWMoOywnrAtfWo7lIGLwsbGyg_oCRqXIKCe5wMQtHHEqCw6qVPd_BdIS1rd55yIJzzor5F2sLXkaiKZ61QwUqVHUqrB5s3Ds4h-5a6Bu0P0sIHT7wKFbek0qGRoxGVGa3prh_fzUUXe_6puVljw3piX7psQigYIf17SIkT4sMIZLkwPUIMH6R2nkkTCdliLKTQUXwyWe88a9VBIaNEMfP39fxZ0VqFJmtyMU3jzJzgV7U1k4Patqc5edfsZSDQbMtDp0dueb230nQdmJCXXtiYGuyVFOC1ldXEZqD2faX2GUZpM0K0p0KD2dsdPIYEJ17HITix0Gr1ZISUty-I3BB_ABqe0d_UIHqeHciwWwtTk2tCGoBZQEkzVi-0rWMX9kVMw9oIERDTTnNiiZXjinSm6VPzX2midvrL9iQ3FNGknhadmvDmxHZzNbu&sai=AMfl-YRowU-qZoFTcb1a5LFTcXU16BXk2YdFmkDuhgM12iAJuK2IL7U82Ubjz91rZMb68vTkJxPL1IYO7U89jWR73D6YGE_Rs0tJxaMpGJ79v7RnwZUzOlrQaUBISl3dzRXHqlUmzpsgULD604GRKgLFbkz-7ssRBml5HIAC69fcvyq_vbWHHT5ccsY4Jkg-noN6q7HELcr_bYdwu8nEpozX5hsF5qlJSsxg7fFd94U3sviU954&sig=Cg0ArKJSzEsWja1xCwgrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=520&vt=11&dtpt=395&dett=3&cstd=124&cisv=r20220629.15032&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 97E6
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYf_uEo_Lvqz90sct31-ZwXCCKUadgcbsOt-Q0CqmicbVKJPvofWG--23O-f-7Wh8ln650dz93T25EgfSKcHbo-YobtOGMxOHzP3D0oLVfjsSxxH9lA1KYzlRBAeULOXVoUMHDQpv0cPXR2-e4NYD_-JVhb_WTRTLPk4uqrMLNw2YKUQupRp35p23XBjn6msoZ1Ti-Z7OJpNDvFY6PN3NtcmGE2kASAxaKhMTIfMMPvl_uaumCnQdYwwCUG_rsfFatubccjWcJ-xpUytxANSUqVU2SOaXGp5qgujao_qdx6k6_dDjWpsaMGoTF9fjJvaiKWiz3jMJvhy8pAsyFIYvyzI8YxaIPsUTF_s0BxU1RRB_H7pDPIkr3vJKTcH4ePM7o80rxfvS3lmxV94DqYK-M1mnPzym93HvVZ3trMSsyl0ZQ8T-BsOcyiBJQkLyqZV1H2_OgV7EDw7Brq6vrl2sC7YjQT3jAD1rf60uRmU5f2LRUI8w-gNMmwXQjlvwF_1_Lz9bQJ7OdxGE35dw06-WLW8ezZ8ojpDwnL_Ar475FmzSyjRRUJEgWDzlONy1wFvJeY73ifYpz0UChkpkOr3ymub-OqOE_YH7n51VHCHbhVIUtVWXiBOzBQLeBdFfjZJVFXlMAexBFlQFo5Rt6CPpQrxoOkWr1gngG-RDvEX-c_t4wroOf5MKqJ5iV7VHwu7QUTiCK5ARKHv6EOiDqAEq_i7JZ8mJ-AoFE1dmM2lIjE00ZKH4qcCQD9zuf3PSf0TQ-tIU9eQ8kXGorKDL0sOA1tSpG8z5lUdniQh7Crh4CkgioTSyoUUfzT9C3nm8xngPblam79Yh7qvVa2fYSzWgrv7baaDUC0AePa4czkaXNzM6jTnnKL2Q9eenaO7h-pARJH5CcW9NEIqweQB0eiEvKMINL9VvDROTN3LmlJzdTdVW7dxNihab4Cg84ka7DxkhAeP0S23ISpvkA0s8V3pgmKQyVTyYUJaqrHtqD997MCAdYDKk-6nkTuPPnGxKp7La-F0m8BQM9uC-2WHaXmKU176rZXntNXM10fbm8xO4e3qRQj_BzVLkJEhiSQ2ij5qy3swv4fuXj4TQ3XrKvLXTGl9H0-44vqiUU1iDEVPXXoBtsEg-08ZVvlG8A8ipfpW9vpgVL7pFLUOp_FJZeFN8DaQbtb_ReDF_qbu7YZkKvEsy0NrMdilTGSZ82Q1Irfbr-RZgOpyhcSadWblBAXbt-Omx8L_nI40ZneBftDcZrNchpH-w0VjiPUqIDOpFmZpFoBgCK99INStHMJUj3weDqVw&sai=AMfl-YSXQ-FPWQKMylTBmu0--gICaeB2ZaBNUZAxdfjY6eaxCUYeQp9lCQTiVUh9859gR9ozf0PurvlmvQhUsdxDVVoXbGo8jfA2bf7pndoMvOJ4KD-KeUmzm3ZOTYKLfkvpaBfiWOckGuU1zUIAspYrny9-IO5PwWt5LE2bgy7xSVbrM8KNRCNXWQvCFYwN_WIv22FeN6_7fi-7NEFnEhlhJA&sig=Cg0ArKJSzEU-xjRbvD7NEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&vt=11&dtpt=345&dett=2&cstd=0&cisv=r20220629.34322&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APQ2gQpsQ5Cgo5wLmxK0Pyv9WsI2pz1rPi8uGu2_VETx73FwTjwgJfsTdvY5Ndia7AjDb5h1kS3EqgP0y3VaDgAAVtL5hLGUlz58ORrWpD220mdIaKNkeErfBTU2GK--oKksIlkIKO4cHQc1tnJeaiib4lbw&dbm_d=AKAmf-AEaXYZMwSsDpOZaqzyamfn7mQmli3G38bPxMI3SK4TWrhbXp7RS90uAiKwSZj6I4Efytrm5dyYX1P6BhhKu2L8M9-ADeK570BV-_mJKTb5N9zc_cFTgVybdZLrIxaHdAFMD5HGSHH4ueOti7ZtyueT4-UZD6iqn3TKQgrxPz55UBReq2506ERLTHleV8Jz3Qa17MC3ddUGsbahlBw1AdxWLgt4Sw0vzMdduXIHoBu7m9h410zYc7Rsef95poWpRVwn-gflJixmrkjkZylyoKx8cIt3a9j_OCl96oEd-iS_B98pxKvhOlGXD1DhFYWcsXCqPmy5aAuLj96ATFDT0Q4hcXvJ419aTE7Aj_i8PoR-cfdfepFgoax7DgX3ZqZxCKaemjbl-nOqArS1gwAvxR4ceJVcxf4MUCavwP0hxCe6vePeQ9aIKEESMVFDruBbIlqpMVif6T7PuXFPJbdo63Ws9hokB3DIsnm9AvkyuCk3mf1fc0m9epsB7QZOSq4Z4USRHFDlBB8kIGLQe-bRaz_kliVqpuKphqsS6nmLkvd_lHfxwdGkFZVgcSpBT8BteJstQEfkDxkWsE0haSZg3aU1LEr5iEfM81q1JwPntG_IeBSe5o-t_u1KRL-TuxwGIqaD2qDSARXPtoc4e49tgwO2UYhLY9ujNtXcZ6-5C89XGPmYKDwleqYXy9pfE6mxs-aS1Vhy6Df1w_qg5AA4_X258IzmdzozFWGPeIYAKGIZLAMtm92iWn_daER0Zjc5RhG8LVcbUXYF2_H2whRGvEqFwLtK0riLvUyApvWqyr8tm7jPmFP87I3mi4TeuYPqdzgLObSN8vK6dtWSvjrPC13J8IA-0KOFbvYaMVJfn7yo2O9T82UFFgOGQ9nUAqNaBr7A9wIndOzx9C5NXhpnySKQLbTDlYSG9YL0KHfFeMzEoE7vAWgL4_1YDilQNIimUlb7pKudV0cpweT7B9WVQW9HjNHH_HOdYS5HUW2RtWpXEsFnh2Il3G5EoXj8UHIrzAWwvw8N3EIvPv2YtKtEVomsr2PHfGI_FpHq57GGIpdUvbwvUbmQ9PTK458btV6cTj44PwRGgVVcYpzZmmHO53BzAHUoD-ZzN0z6-5zT95dovDIuXYrXIBr6hsKFQo1cfxjR3okxZSpee_RCNT8Z-oB4XFHYY-Fd-nuWp-JTIi7PiNovLIhWlW7-zCKcpdx6-kgJ3kEM4GeNRdmccg9j25UPDhYfCle9yHsNzB9Bdh1hiiaTXragmsk-IOdTq-pAU4T3SVROAFbrzLzRnh-dc3mzAunWhCl-Fol2FoWAlaflGVogbBKxzV7zWmGZvR9gqHBguEFUZD2PY1iEjSMK1WLQzNzoDN18CQZI1-nQGUB4LQ1BxbbhlTWPNrM5vkDRe2zfDIm5Vz6trDy0UvW3WEqJRqzDlci5jLtxPORIUAFYBmo2Zstu-J3ZEfc-2HwB8SalB7f-envzXDxq9fzzmkKp-7hoorOMVfRFKNuKak8wEbo76jLqcG2VqURRIm30DqSKWl8RDaEjT_3uSYVyqNgu6xmQVnqZ_fdbsx9c51E9kbFQ2rv2ULO1YV4eDBNkMP6sumOn8f7RuL6TMhiRBOl6xDF7o-vdvNvjB_S9UHgCiJQRfgiYspJDOZHm2t7SenUhcF_KyzYa8GdBNxSpcw0OVbuakpTQ1Y1bQbYbgfQyucP92pkiWWD4YS-eDOixdj9W6fUNXeagoS83wiGkjnEZOlj9cP6IRBaHcXh4ll3HP-t9M1QHOLkTLs1MpqiE87P8_4CBsK05Q8PpSzZ0mHUlFjp3qYe_Zma5HziHQkC61-iSPI6s3gbRy3QcNRfSpfVwQggmj06q6oIHCbu95BIqmcZsYs_ipTwbZrxxXbpbflfTuxa8reVZEiOICGcwyQfTo8KX7zf8JQYGALKj0RnWzMmzVho3nkkgnhI1K0eObvCIK3GSWCynu_9yjC1uaHQYwl54OEMPOglBSVARUnhKy8MksevsFUUIcW_E1wvGE-pYOGJG9RPpx1fEfrT21pzxCgDRxf-PeSKXFp9c8k6iMnDNaWPCfIyzUb-hVWKFzR7CTr4RfNRc7JkJRVowW8wB7RV0Knm-CX8xdaAQuxmLBjTlegFxeV9habs3gI-vZXJb7caFT_MfgPsKeO9xaSrmurffo2PA3-y9cw7f2ORFIRZk-HBjrPuC_dG5n_Ap4Iptuh1vkn1hATRl4IzoiUivY-DdY2nngXTWi0b0suofll1k0-Cv9jrfltUj35iRIThrrH5Fbx9HHGALvEiWzwPEKSR1wIjIgIqCAOqjKOcsr61T2mMGgLvYhvAGyFuloqDy31f9dYlK2t01p5KVEINJ83Q2fHOhh8kKFgfIv6w-V-3Oql9geVHrn_zq69rCNNho8aDgbR0-4nDBEcHaTVc9XR6r4IqkXxidLyoPZLs_yr-mWsaoMFxlqOjmia_AfDJvMWtwWH13OQ0NJQqhqxond976m2UOtIawBrZKyDZk8tIWHv0hUzLNyXSwMLUHa2a4vy-p5AkAvkK8M3thr3r52sFERzyorV6KrVrU7dkjff_aNZq3GaFtC0o_khV7OyGAaK5xcDZOQDBypsd6Vk80zBvM1qbgTckrjh9-0Nk9M65aqjr9G5JPsUuaGAH7AiHJTWyGaaymAMwPdxDls-9SVu61AbkL5sd5j1f4kA7i2Td77bLxXjznGJ21uwhvokXp0EN5RPo5pP6NvlHCoZzBmLbZ2kB9ogbWNEkMr1UPluXAZnRfHcBv9WePHydGwMau2cDvXXvv6ECkyQSkNtcn68APOUDBriw562IZub93H9ENidSVb7_SRVU9M8QGFjTwH29I3FDoQB_TxAZYFAY4PzJf88gYcqbSV_caaDKuLM2K1F0JMHMGHBVYc4zYaralTuqtzkhuuvowaq-fig4A3Ka9aDCUXtibhh8T7yx8KpmUvZaiEvQi4KFbE6pDIsBnieJTNwMyVfDlYdrbNOqi0Uj6gELzgJzoImfaDmn4jZkgmS2W0XjZD5oKfpMXStxwhGOznN8Xjs_oXNeSjk47Ct91HHf1IhqmhO4FLNj8GUrN9y7-JmKsjLf1jyZJfdh4oySleaHIM0IpqKjjqi930QGj84omhI9OVnbMuqaE-bUnHJdRiownBgVggIabFTN5hi14v7UM2AKRCd-4LfvVNRGXRIRVAMPASbY0KQOHSYSrLKQ7XK_aPV6VbLUHTlmhbMoIY9ezzIv0h9VQvCSR_4xZI6wB2DsGHBkIanRlMLLkgmz24p_Ci6SwQyRvsZU1rYixGe3s87eJMOhM5_e3HfdIXOI9osNPei3uaYnGU8bKKwe2O7u2BZsadZ5lyRFKJeuULqRGj2Ug7lB1E7_zzWK5-X49kZeOWTtwojU6tSUlmanIYEU9Gir9H6NqfgTsGacnp11I3PxQ7qD6z6proa_LzeUgcGwpTCL2qWAevwoN9FnS2XE4E6GFomByrjEt4nf7jncDy8zXUogiNWztX23GtZeade9Us-d20RZntDVmKiOzvawY2y6xdVyrwZK5xkpH7B4DOhMsPNRM6suv5CZS78migLVd5m4qY3AsJrm8FYQ-b15Ar0URNpCGH9nqodQZOoqSinbtSgeS1Z1vKtWy9rBQylo0wtOtHprw0iMRDs5prEvxDI6ubYsQFPc5VMwWFHBxHDSfdeZEpCo_02aIGCjFOpNT2oJRufGdmXeJSyk24RhtismXVFHmTO9yu5U&cid=CAASJORoiJirsb36gl4zZNupPMKFuuqUrCbi_n8E-oKki0njs9UrAw&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 05 Jul 2022 02:39:28 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1610
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Y2LiJ3xyek5JeVVEQW44RHNBMEpVQkU0cjFlek5nZ1Vxb3poNE1ONFFySHJVaVJVNG5YS2k1d3E0ckEzYUlrR3cvUUEzYkdRWVdmQTh4RjhVbG5ZSjhCczNvR1ZiaGxPcWdQcmVnbnFGRXhJem4vZ2J4NjgvTGs2a2xsVy...
348 B
620 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=Y2LiJ3xyek5JeVVEQW44RHNBMEpVQkU0cjFlek5nZ1Vxb3poNE1ONFFySHJVaVJVNG5YS2k1d3E0ckEzYUlrR3cvUUEzYkdRWVdmQTh4RjhVbG5ZSjhCczNvR1ZiaGxPcWdQcmVnbnFGRXhJem4vZ2J4NjgvTGs2a2xsVy9XSjFEV3R4OEtpM1dGZzAybUJhYUNCcDJ0aTRTTzBmSWY3OHBXeGxwMlQyRjJUbU1RV0VDVFhnSlZLL2RUQjhDZVNTcjVXU2FaUGlJclNPUFcrTG91aDA4UmdtM3BnZENnbmpvM0MrL0V5Ums0aEd0SnowPXw&cppv=2
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e9888041e2a27f0cab4ecc709a22cb28996aaa1504e83d879afbec0c8b1ad50a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3281
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
location
https://mug.criteo.com/sid?cpp=Y2LiJ3xyek5JeVVEQW44RHNBMEpVQkU0cjFlek5nZ1Vxb3poNE1ONFFySHJVaVJVNG5YS2k1d3E0ckEzYUlrR3cvUUEzYkdRWVdmQTh4RjhVbG5ZSjhCczNvR1ZiaGxPcWdQcmVnbnFGRXhJem4vZ2J4NjgvTGs2a2xsVy9XSjFEV3R4OEtpM1dGZzAybUJhYUNCcDJ0aTRTTzBmSWY3OHBXeGxwMlQyRjJUbU1RV0VDVFhnSlZLL2RUQjhDZVNTcjVXU2FaUGlJclNPUFcrTG91aDA4UmdtM3BnZENnbmpvM0MrL0V5Ums0aEd0SnowPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1458
content-length
482
expires
0
rid
match.adsrvr.org/track/
63 B
389 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
54bf721536ae489bd3d0d2e84a76afb7b19650218c8b3c4e9648f260a4ee9e0d

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 04 Aug 2022 02:39:29 GMT
apacdex
sync.quantumdex.io/usersync/ Frame DD55
3 KB
905 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5fd4b317139a2cde5a11d5d21b6ca4c19dd6ac246784995b57c9264abdee98

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
725cbafc6cc0888b-LHR
content-encoding
gzip
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame 66AC
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 05 Jul 2022 02:39:28 GMT
ETag
"623de86a-cf34"
Expires
Wed, 06 Jul 2022 02:39:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame FDBA
477 B
410 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 02:39:28 GMT
last-modified
Mon, 27 Jun 2022 10:41:06 GMT
server
nginx
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 9359
1 KB
809 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
725cbafc6cae7795-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 06 Jul 2022 02:39:27 GMT
server
cloudflare
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 648D
477 B
319 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 02:39:28 GMT
last-modified
Mon, 27 Jun 2022 10:41:06 GMT
server
nginx
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4C4
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21605
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
apacdex
sync.quantumdex.io/usersync/ Frame 3845
3 KB
904 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcc19a687ab2dc6db2b4f022a18c9428e4bdb903e695a5d54c1aad2984029f9

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
725cbafc6cbf888b-LHR
content-encoding
gzip
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
onetag-sys.com/usync/ Frame 5455
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1656988765783&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8607
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21605
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
apacdex
sync.quantumdex.io/usersync/ Frame 7BD7
3 KB
1 KB
Document
General
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42b37d53e6a4c4600b32310d7d357b74c37058c1a21aac635bdee2aee021d46

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
725cbafc6cc1888b-LHR
content-encoding
gzip
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
onetag-sys.com/usync/ Frame 2BEC
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1656988765783&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame A4AE
3 KB
912 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2423966cb2c05af92cfb4f27e563a6b7c9e47bd510b6ef1fcd5c86a7a90a7d

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
725cbafc6cbc888b-LHR
content-encoding
gzip
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 214A
1 KB
701 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
725cbafc6caf7795-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 06 Jul 2022 02:39:27 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C228
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1656988765782&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
connectmyusers.php
cdn.connectad.io/ Frame 9715
1 KB
701 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
725cbafc6cb27795-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 06 Jul 2022 02:39:27 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A767
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21605
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
async_usersync.html
acdn.adnxs.com/dmp/ Frame AF8A
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 05 Jul 2022 02:39:28 GMT
ETag
"623de86a-cf34"
Expires
Wed, 06 Jul 2022 02:39:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame EF85
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 05 Jul 2022 02:39:28 GMT
ETag
"623de86a-cf34"
Expires
Wed, 06 Jul 2022 02:39:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0C1E
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 05 Jul 2022 02:39:28 GMT
ETag
"623de86a-cf34"
Expires
Wed, 06 Jul 2022 02:39:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3BA6
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21605
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
async_usersync.html
acdn.adnxs.com/dmp/ Frame BFCD
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 05 Jul 2022 02:39:28 GMT
ETag
"623de86a-cf34"
Expires
Wed, 06 Jul 2022 02:39:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame D6F7
1 KB
701 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
725cbafc7cb77795-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 06 Jul 2022 02:39:27 GMT
server
cloudflare
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 8834
477 B
319 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 02:39:28 GMT
last-modified
Mon, 27 Jun 2022 10:41:06 GMT
server
nginx
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 92BA
477 B
319 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 02:39:28 GMT
last-modified
Mon, 27 Jun 2022 10:41:06 GMT
server
nginx
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 7249
477 B
319 B
Document
General
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 02:39:28 GMT
last-modified
Mon, 27 Jun 2022 10:41:06 GMT
server
nginx
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 0B64
1 KB
701 B
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
725cbafc7cbc7795-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 06 Jul 2022 02:39:27 GMT
server
cloudflare
vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame 2F64
3 KB
909 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a807eae95f94ba3ce98774b366b04a066ba392cf9f9906ecd10d734077ac5c4

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
725cbafc7ccd888b-LHR
content-encoding
gzip
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F181
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.13.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21605
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 476A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_txUX6TDYvnjKZXr3gOu55uYBAAAAAA4AeAEAg&bg=!8fKl8rbNAAaLlKKnq5Q7ACkAdvg8WiyKvzFDcJMAFbrWUyqm1V8OlcytLDdVn6HycKOYj180EjMuVAIAAAEuUgAAAAJoAQcKALq6EN7wMxjyIALisu0h8MwOFXdosHjiamo1bt443dJl7uWe3uZVz7mFgTfFVbjSiVn-yTm_6YzIe8D4eoPWsdJdEnwOgrh7KpmiWGD7lXF-md5yK-NVNX-XMtscufwsoAt0HTxI85lmeZtZEwaOuJVRcCnV5uh4VmY4yAuyyr4R1KCUDjf1kKg2fEOMe3Kp_qjLQ0z5oznI6Otilw3E2TxVzNi6ECoLG0rFvE6OxMODMClpShvjxJ5-5OeZAt3h0USMi8_H4i8lFPNOiQq-xItub44bWiWk_YRIdhc4Ogp60ErZ8js6jFcBMGov3ede7IUSKkTexo-eaJHgi5Tc43o2qz4CZYkeVPVYCLSsr2AGHIAeULv60ECJJhjSs7XxKYuMdV3gVsyyLFaoX42ZRfpAu6gfn9pJyoa36fjJtvEVW-U4RP4oiRJty5XFEIpwA5OdJRufNDr5q13un_bQD9XQJfcxZnROfuXOzLA7FOOIkC1vC4C7uvZFOarOi7auyW5n5T-04MHpmcppjbjERgLwfycDUx513dqwzPwTu_DFWjF_kWsS5zHeAWQXlugRBlq3kA9ROwIuMyY4QvJlWJumIMOh8_MJaZGZp_kAO_W8T9P_Q4C4yXkqz2ZYe3jaALwhZIePJHbFkI_AHdyBmcKQwan8SU7SISxvNBp_3ImZdjtAjaCZc1FtYeBglhr1rD9U5_fbzKolKIKAOGDTMciVh9fMq2s2LKe-ea3zPA5MJrQfdceYZXn1xdph-QXDnz9GOfA6sZlf38hHu7NpGsIunEe8oKtk7b3LMJ3R8WzUJckGOes6IIakGe__ewJXjvW6rFOS63ELOFdGQQVnuzf9QIBDmD3AFvQJenkklOr3wUuh5MKwotVg3F2Q1-sDpYbZuIrqE6aAzo1aES56oR91A3fAGKaLWlzvIMFZCSwqGQa8AkjB-RjbSOX8Ka7Gj729-7tFoK6UXs6OUJn6Etj1xnpuYe_gTfOqnUTeGNi5dB1StBhr4MVoFXdYM6Fm9rjkifcwAuaY24OtGI310vkhm-pDnIVtM70FXo9u5bsD3sToG3Fj_qmpgfw3dsKcHU0T-sp4yr-PHGPsQdp4rs7mwVXnXeA1KvuXMbA6Ii-zUYqvXwTx7BjRpD8OZTkPg2FUcphYv3omqIsGG3FfSkM9xsGnS0wSkKGE9L-hzZBmwqKZomfrQ6zWzIBVyVQ4EsWRLVmvmzBIHrKy
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame FDBA
44 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
806f20a10c504fd26c743dca9b1ec6e4967e5265e35d9358c7e0f78d96ff4377

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 08:49:19 GMT
server
nginx
etag
W/"d1c215f0184e7ff23dc5bca2c21c869d"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 648D
44 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
806f20a10c504fd26c743dca9b1ec6e4967e5265e35d9358c7e0f78d96ff4377

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 08:49:19 GMT
server
nginx
etag
W/"d1c215f0184e7ff23dc5bca2c21c869d"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 7249
44 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
806f20a10c504fd26c743dca9b1ec6e4967e5265e35d9358c7e0f78d96ff4377

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 08:49:19 GMT
server
nginx
etag
W/"d1c215f0184e7ff23dc5bca2c21c869d"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 8834
44 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
806f20a10c504fd26c743dca9b1ec6e4967e5265e35d9358c7e0f78d96ff4377

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 08:49:19 GMT
server
nginx
etag
W/"d1c215f0184e7ff23dc5bca2c21c869d"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 92BA
44 KB
16 KB
Script
General
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
806f20a10c504fd26c743dca9b1ec6e4967e5265e35d9358c7e0f78d96ff4377

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 08:49:19 GMT
server
nginx
etag
W/"d1c215f0184e7ff23dc5bca2c21c869d"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
setuid
sync.quantumdex.io/ Frame 7BD7
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff7f3c888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
date
Tue, 05 Jul 2022 02:39:29 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 7BD7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
43 B
129 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafe6e57888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
469bce52-2ae2-423a-a7e6-c7362f4f7272
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 7BD7
0
34 B
Image
General
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
setuid
sync.quantumdex.io/ Frame 7BD7
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=8ae455a9-7229-9123-9685-1ee443575a19
43 B
193 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=8ae455a9-7229-9123-9685-1ee443575a19
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb01a961888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=8ae455a9-7229-9123-9685-1ee443575a19
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
/
s.ad.smaato.net/c/ Frame 7BD7
0
239 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
rsNys3gQZXfodGah4yvRAf64BRuPOuo8RU5xBtWcdZXcidSlGFEABA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 7BD7
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff6f34888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 05 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame 7BD7
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff1eed888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 7BD7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafe7e63888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
date
Tue, 05 Jul 2022 02:39:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 7BD7
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaffcf7d888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame A4AE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafefed6888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame A4AE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafe7e60888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
date
Tue, 05 Jul 2022 02:39:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame A4AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafe7e64888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e3284671-50bf-49fb-a732-9e78efcf1794
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame A4AE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaffcf88888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame A4AE
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff7f3f888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
date
Tue, 05 Jul 2022 02:39:29 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/FGMrCMMc/ Frame A4AE
0
34 B
Image
General
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
setuid
sync.quantumdex.io/ Frame A4AE
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=74b5bf86-f463-d9ae-b057-9b012047cddd
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=74b5bf86-f463-d9ae-b057-9b012047cddd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb019955888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=74b5bf86-f463-d9ae-b057-9b012047cddd
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
/
s.ad.smaato.net/c/ Frame A4AE
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
fwDku0_ExWn-yZ2Eqz4Falqp7UXx2mR0HEo_zAnEdCk0dSXEPUP36w==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame A4AE
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff6f37888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 05 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame DD55
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafe7e62888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
date
Tue, 05 Jul 2022 02:39:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame DD55
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff7f46888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
date
Tue, 05 Jul 2022 02:39:29 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/FGMrCMMc/ Frame DD55
0
34 B
Image
General
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
setuid
sync.quantumdex.io/ Frame DD55
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafe7e65888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5d5f979c-d1ed-490a-9384-08673d792e2e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame DD55
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a0cab781-2034-0b67-5e6c-543e7a6995f6
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a0cab781-2034-0b67-5e6c-543e7a6995f6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb01a95f888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=a0cab781-2034-0b67-5e6c-543e7a6995f6
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame DD55
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff7f41888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 05 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame DD55
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaffcf82888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
s.ad.smaato.net/c/ Frame DD55
0
239 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:28 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
mmz6CXxH68xUJJcMEVcnRdC0dThk__Sv2YLdYW_H2rvd5TqclDBdNA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame DD55
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff2ef1888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
1
sync-eu.connectad.io/syncer/ Frame 901F
0
0
Document
General
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
725cbafe5ddd7795-LHR
date
Tue, 05 Jul 2022 02:39:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
pbsync
usermatch.targeting.unrulymedia.com/ Frame F7E6
0
0
Document
General
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 83AC
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21605
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
usermatch
ssum-sec.casalemedia.com/ Frame 5743
1 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb829740f5144dc6316965aabd9d9eb695fea80a3f7ff3dece65a325ebd5a4bf

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725cbafebd5c71e1-LHR
content-encoding
br
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
dropped-udsids
130|65|64|41|57|111|190|73
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mo1Ky2jKvno39q%2Fdbc7SVoVRNG1fUSStZke8AbNDnLgs6IbkA4bIe8%2FZZ8oBrDsIYn3wy2nAXmoeBQr8eexxkMfYEyLG2O1RukSm%2F2F888dNEYQ1Jyt3UDhvugFFnOO8bj5TkK%2B0f0G%2B9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame 6EA4
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 988E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzm-CX6TDYva8Nc6S7_UPxp-M2A0AAAAAOAHgBAI&bg=!fn2lfTnNAAaLlKKnq5Q7ACkAdvg8WpGPCw2M-lLlOoUtvDCT2-7SQj6Wh6-1pmzxEIBf0YyV8cHBwgIAAAFcUgAAAAJoAQcKAAyfpMNUjS5cz58AA96ZAuSauYTBTFzuSJjzPAVq-Yk2QeiG01BUpa-n7DcQTFkm1Kwv1KqUQCEGaiuqAOAXgisnd5f5GanAHwYVQLJWBvDGDl5x-RsjhgFHOiXDn2N3luWWpgKr-8t4DcW4KFNX_aMjhAjOzOC-aYGdKcLArRS6GC94cC7g-i5ak2fHti9aqGMIIHPg2SGbV1B5zXMHfuggQMOu1oObFt3FKSPZ8Ats8YnvI6sWTI38CtskAMKFQduKU_v_WT-aUftU_rIPJD4BvQp7fWa6peYDMTeRIicdTG6wbGLaLOv6cV5Hb7kJCLdP_4uW7fiKm5pGfOXszFZAHzFCXLMvSZxRvOUnNV8zR1rdwH56AGnV2DE5COdd1C9BTwPuq8LtNJm44NURvSBugzndfbWxjpCUYQP_LcqZmdv4cBIJ0YrBY8eqGYbFoWZCgTMOq8PwQzqLvprpm20i11zinxNRvJ-NELm4MAUzX-WfubJdAqi3LLXU4DAs9agAegcDpRBlDI9U_DFxeI75m7FRS1gWIP4u5RilaGK8ltlpY7F4RUxFMTBzLFdDIVSskHeb_sYnPxiU6xqqr0bBqk3eOOo_RYA8DMbWLyKKNIwIr0fbJ777e_CNPda4Ia5tvN-xEGxADwi09PS7a_4TijeTBlL9AR2AKrU2NugF3UQ1OpnOWf-RSB1uQuJAXN2BoT3ciViduLBWqtI78k0Kwm7-Tg8XaAXzvUPbMUde-k5YofqxqY68iELg5k47E2sl7meN2_qo0QYI8aiHCODcdFilQQ34-Gjr_BNEwB6dRkjcrpOhEjadiEXQ0OgEawc_A_DL-SC3KTmXcOnm6Cu0rKPmcNh8PFlR3lv2cnvOjpQAmCLiY6ETNTDuATjXR8pvMzCktdaxujmrVo0H00g3kWCH_W1yW2jCmtpf54AOxBs1TVMSBX6ZqWocI7_grGMFATorSRkr90DrgBvc1lu7S8UOtCgQjdQkb0nC9UKelCoJYw
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 6AFC
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame B361
0
0
Document
General
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
Tengine
usermatch
ssum-sec.casalemedia.com/ Frame 82D4
1 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9a215d72b5105fc59f0aa58bf802509b7c0d004e16e11c1d8698abe246b193

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725cbafebd5d71e1-LHR
content-encoding
br
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
dropped-udsids
230|39|241|46|81|111|51|17
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KyblHkaexmSRjIgJlSUlFhx0bMOUosFcNxvrDnbmkpDYWrZG%2FK2%2FGehcVKycebVCSYAGzdd1Ggot6gxk9s%2FRDwopfVqFkGNEmLjUA5jm7Q%2F8e1ADUmW0dU4QmKoJtX%2BTHvWwKQZVD%2Bw1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A7EB
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21604
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
pbsync
usermatch.targeting.unrulymedia.com/ Frame 6528
0
0
Document
General
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
Tengine
usermatch
ssum-sec.casalemedia.com/ Frame D649
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af76c748f675285a305ca6d94d1ceb6773dc7b58b16c7be230a110a50f0f65a3

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725cbafebd5e71e1-LHR
content-encoding
br
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
dropped-udsids
73|206|4|3|105|51|230|90
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWE1NXuHDoNPNiVf%2FgHEduLs3ucN2h2nQPti4bgff0XNLG6na%2F1AIwXsbjxncN5fKBJykkez7rP%2FUW80s7F62okiRSiq1UjiQrMtsY1plw8vCO224Ub4l5iRjuXmF91lrX1DubAIP2yPpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame EAB1
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 25B8
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21604
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
48
r5---sn-aigl6n7z.c.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi...
25 KB
25 KB
Media
General
Full URL
https://r5---sn-aigl6n7z.c.2mdn.net/videoplayback/id/bec5cba177d59779/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3755281257/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4AF68655622CFBD6EE71DC7E0F59F5518E6F0D9D.28DD7AF2FD1ED1BDAA0F05A62BA328F7A3C95ACC/key/cms1/cms_redirect/yes/mh/RR/mip/2a02:8c8:c10:30::15/mm/42/mn/sn-aigl6n7z/ms/onc/mt/1656987561/mv/u/mvi/5/pl/48?cpn=CJEGnZZ50Uw6gsTB&file=file.webm
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401f:3::b , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
a9bbd2a6bef97cea6bef5814fc9762f4ec9be1e58c4c8073c5cc6fc07a947fb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=2392064-

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 21:40:54 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 2392064-2417520/2417521
client-protocol
quic
cache-control
private, max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
25457
expires
Tue, 05 Jul 2022 02:39:29 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 013C
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmYUeX6TDYoPUJeeO9u8PvPiQ8A6k0e-UavS_4IDBDc_7kOPXAhABIOXxnH5gu76ug9AKoAHIx7XyAsgBBagDAcgDE5gEAKoEugJP0EJGXk0UkrsqEbOsLUrcOofDR1cut9iwwBxQxrf-N7QGotYP5LGIOJmMzAqqchPc3Hn6GVBYoWR01Pep1jQ1vkuPB_Gs0SefyiLEn-DToMuJc1np2RyUJrddYaIQ5z_FMZ_QT61qxfu1vvYtkRmi3sBfPSIWcH-jMZ8WJR_aO7tHpZx_fECO0sgpmsf9KcunNEvJWAVXWzZ0QoZuut0-MdvGgG5q6aT92rCjlriD8JYDO3oAq3QEtrJNJmMWbCNSKp2IcXW9-BdmHrNyLONtaXslIg4fmmFqep-lv5Up8wRPdBZ0BsgKDrquVZlOR8HTbxI6EVEA6_yQxuAPBEL5J-zlMx-Hy9Wfr6PDTMpP0wbEhoR0-d7OkjGPciza7JPZ5Pcd5L2gpOnVBbMZiSo8Yg27v1l6zyHbNMAEsdT7kLwD4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE5GLwwrQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=gtEwlar98PU&label=video_ad_loaded&sdkv=h.3.520.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0OTIxMTU2NzAzODNAtAIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODcwMDM5OTIyCTE0NDczNjUzOEDdAVIzCPkGEBIlAACIQSgBOgsxNDQ3MzY1MzgtMUIER0RDTVAAWhBDSkVHblpaNTBVdzZnc1RCGAE.
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3317
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUBs1kJUJb2kU3KE0uIrszoENeFEm8JQH5gN5H_cT64lgkbr7yHBEitRf2-qZ-lASm4Kr97qg6YwlJDwKQAiMwsL2XLGUgyF7EGb_fjkciIGPbXJ9O8pbO8w&sai=AMfl-YRm4KIzYbnVYGjDcfB6zA9Qa0_Jnp0-rQtDyfShK_HAOt7CYNvoWkdpf-9Ytnzu8uO-H7DsL43XFX6B3fNCgKRlfhJ8kiXr-MnFuruuF0XkVcfNoRYabH-IglU&sig=Cg0ArKJSzH0BMXDxQJNGEAE&cid=CAASJORoncyYFTNq5ExaK0ZsqEC5LXBIqgs03qYQPjT_16xmbCWnPA&id=lidar2&mcvt=1010&p=23,315,273,1285&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1300255713&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656988767538&rpt=373&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 013C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
584449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:18:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 013C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 013C
0
27 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzV8geXC-rJhwf5lVzNiIcDTfCSXJnECqOsooAtHBBTVbRACR8WDgEMMqz_UyxWS0pN0orQk5iba9tBRT5588xLn5VVYOtfPzjMW4va4qy9unOJVmSGbBZ444nwOwszzqH_sMx7mmSjPcE0hoyW_uaNvHqIHl8L-meVTYJh62xUarORaEmyj8ApFKawwtu-Yx_-r2Jm460TMH_1WM2kCTiEkIP9__xZjlFNnbO6gMsX00HzA8ECWDpSb8U0lfoo5Ruw11zS45Fnz3qINwRgZ5UgADL2hc8UBByFV0weUc1ZxLGPehsVYYwcUbTMB2Q7RWsqJq7o9ciLGmJwo3dI155P0rmLJveA4kgDIvtbQskfv3_SMIKWZUEqI5leXEngRZsbNb7IWXa-DSNO7EreatWmjgqti1-sTQMbvxy-G8I72GTHxxCIMbq9kJjNdGRZWu3LIDUY7DS-aVyYE4MTDvhOm-FTq6lJ_QYAvY04yNrXdL70XICvxZ7xfQdt8-ROPAXeenQW4P2PE7F0E6ju9u_qYDUFMGDr3H0fa-am2ccdCwBGsUx8-SMHyK0LgnSFqmKRb9-haX_0QMkaqgnmJF9pluyBSvlJz14Jm-KV9Ao34lypuph7lBDkZTceMePEYfoPhvhHsuCz5Ncgyh1l3m_mtIMET_pCKgSBofRB1QplsEEwi9ub2Xgm5Aww9t8H7XblslwXc_MwjF_tsl0zywi1vOsH_jzJPugLrpbvRLdUqT1uXEnyuDfnHGCu0bTFCeL3imfahxzBMdgppVIGxf6rN9SGfYbMv2aAYrpzKPHDvJtl7HhQOXbbDFfELuj0r9JOiZlbByc-yTaZPffjBQyNFUZiFEBokS6ZVPxFvFvwRddfn9UJbGKq9shgLL-rS9PQ6XDG9mshRWRhSXkj0rSdzFH-0xXF5t69DBQtLvS0s-U-FniRN4G5YJN3GcudahdvlgFswq5dC7OuetaEBnvkMMcy6gMKLRcpsI09qZfrRhnhfxDgGzAm4HUMrYSnNezZknBRA5ZAYqpw4ZqC96JKcNHpQxozxxhJamLQnGmVYHmIULj2rCwq5VZlMIgkTnQoFzkKfOQLm5hCeCw7V5WzdkFcnv34W5yZNz9ONFWbcLOb26ycZbkUdm3JZERzXDw7u4dF8xLy7ZkSQ0L78Dzhs8iidvmi8VIH3yNVStkA5zAUHH3rbkMYR_jbyAtjvruvuVj0eexj2yPKWART9Hh5y_B0i8xeDegZ9ib71Z3q5AJdChk25STXkNVfyzAChEvn0KlslV3zs-q57OmWKPIC_2hkP18Oe7UekF9gdjL_PyglJvlXBg9mO97XNnczr4p1V2q9l3cmGmkWCOBbaAf8yWE12o9PIajIayN24GA8Fan&sai=AMfl-YRAUk5C4wFO4Uj2K7U6hoKOZdAFyI8CtR-Mj4o1MZHqJ0LY1d8WZZOzz64MkbC3_UIMm-g7iMOQYmU2P5rAJfM1D-eYkcp432ey3MpiDkcXxXrx-3mA0ve3_iCkZlJQe-FTPdXz-T9m7m6kA0_QPXNMSm3BY8Xge5xZ-3peDapFXICAu1oGsHysY9-GhWtpZ5WDXErQXwSG-ncez6CErQ&sig=Cg0ArKJSzIcmB783khSeEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.520.0&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 013C
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARimj6qbASABMAE&v=APEucNVk_bq3n0awRuJB4UDUXNRRimblC90xHfhRYqPLSmNvTW6inm06fGpzvZltSA6PqEyV6sTcu5RKz2ZE2t4FH3aBfb60MQ
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

/
googleads.g.doubleclick.net/pagead/interaction/ Frame 013C
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmYUeX6TDYoPUJeeO9u8PvPiQ8A6k0e-UavS_4IDBDc_7kOPXAhABIOXxnH5gu76ug9AKoAHIx7XyAsgBBagDAcgDE5gEAKoEugJP0EJGXk0UkrsqEbOsLUrcOofDR1cut9iwwBxQxrf-N7QGotYP5LGIOJmMzAqqchPc3Hn6GVBYoWR01Pep1jQ1vkuPB_Gs0SefyiLEn-DToMuJc1np2RyUJrddYaIQ5z_FMZ_QT61qxfu1vvYtkRmi3sBfPSIWcH-jMZ8WJR_aO7tHpZx_fECO0sgpmsf9KcunNEvJWAVXWzZ0QoZuut0-MdvGgG5q6aT92rCjlriD8JYDO3oAq3QEtrJNJmMWbCNSKp2IcXW9-BdmHrNyLONtaXslIg4fmmFqep-lv5Up8wRPdBZ0BsgKDrquVZlOR8HTbxI6EVEA6_yQxuAPBEL5J-zlMx-Hy9Wfr6PDTMpP0wbEhoR0-d7OkjGPciza7JPZ5Pcd5L2gpOnVBbMZiSo8Yg27v1l6zyHbNMAEsdT7kLwD4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE5GLwwrQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=gtEwlar98PU&label=vast_creativeview&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17857%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988768949%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.18%26t%3D1656988768240&sdkv=h.3.520.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0OTIxMTU2NzAzODNAtAIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODcwMDM5OTIyCTE0NDczNjUzOEDdAVI2CPkGEBIlAACIQSgBOgsxNDQ3MzY1MzgtMUIER0RDTUi7BVAAWhBDSkVHblpaNTBVdzZnc1RCGAE.
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame 013C
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17857%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988768950%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1656988768240;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 013C
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4GTxmHUFU0ft6FKOaWDMliPPIEu0rbgay4rpp3zCl10F7vPo2Dt97XCGVIS7Nh9Ok6-ikgxeAxr9spchl7vBSmscAkRF_rONWjzr8WjkEaj24FjY8RFDK-VeqHiimXUV7M54&sai=AMfl-YRGZ6_cWsjJeoTdhzyGaI-XqWw6VuV_aRck8psoFTOX19s_oP3xGmHwHeb7qPZLbzd_yhpcGj0I0h5QIXKLHtY3w0SXAnG8psegvL-wrLa8ycf3rUKMX7sYi0E&sig=Cg0ArKJSzO4CmA6A1BhnEAE&cid=CAASJORo9kByNQxC3l5deFp943djSotQTE4ScrEOU0uZf4_28dkoag&id=lidarv&acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17857%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988768950%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1656988768240&avm=1
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26a...
ade.googlesyndication.com/ddm/activity/ Frame 013C
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17857%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988768951%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1656988768240;dc_rfl=0,https%253A%252F%252Fsubject.com.ua%252F%240;ecn1=1;etm1=0;eid1=11;
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 013C
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmYUeX6TDYoPUJeeO9u8PvPiQ8A6k0e-UavS_4IDBDc_7kOPXAhABIOXxnH5gu76ug9AKoAHIx7XyAsgBBagDAcgDE5gEAKoEugJP0EJGXk0UkrsqEbOsLUrcOofDR1cut9iwwBxQxrf-N7QGotYP5LGIOJmMzAqqchPc3Hn6GVBYoWR01Pep1jQ1vkuPB_Gs0SefyiLEn-DToMuJc1np2RyUJrddYaIQ5z_FMZ_QT61qxfu1vvYtkRmi3sBfPSIWcH-jMZ8WJR_aO7tHpZx_fECO0sgpmsf9KcunNEvJWAVXWzZ0QoZuut0-MdvGgG5q6aT92rCjlriD8JYDO3oAq3QEtrJNJmMWbCNSKp2IcXW9-BdmHrNyLONtaXslIg4fmmFqep-lv5Up8wRPdBZ0BsgKDrquVZlOR8HTbxI6EVEA6_yQxuAPBEL5J-zlMx-Hy9Wfr6PDTMpP0wbEhoR0-d7OkjGPciza7JPZ5Pcd5L2gpOnVBbMZiSo8Yg27v1l6zyHbNMAEsdT7kLwD4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE5GLwwrQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=gtEwlar98PU&label=part2viewed&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17857%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988768951%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1656988768240&sdkv=h.3.520.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0OTIxMTU2NzAzODNAtAIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODcwMDM5OTIyCTE0NDczNjUzOEDdAVI2CPkGEBIlAACIQSgBOgsxNDQ3MzY1MzgtMUIER0RDTUi7BVAAWhBDSkVHblpaNTBVdzZnc1RCGAE.
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15...
ade.googlesyndication.com/ddm/activity/ Frame 013C
42 B
207 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15,15%26amtos%3D0,0,0,0,0%26mcvt%3D15%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D17857%26vmtime%3D-1%26dvs%3D15%26dfvs%3D15%26dvpt%3D15%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988768953%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,15,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1656988768240;ecn1=1;etm1=0;eid1=16;
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 013C
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmYUeX6TDYoPUJeeO9u8PvPiQ8A6k0e-UavS_4IDBDc_7kOPXAhABIOXxnH5gu76ug9AKoAHIx7XyAsgBBagDAcgDE5gEAKoEugJP0EJGXk0UkrsqEbOsLUrcOofDR1cut9iwwBxQxrf-N7QGotYP5LGIOJmMzAqqchPc3Hn6GVBYoWR01Pep1jQ1vkuPB_Gs0SefyiLEn-DToMuJc1np2RyUJrddYaIQ5z_FMZ_QT61qxfu1vvYtkRmi3sBfPSIWcH-jMZ8WJR_aO7tHpZx_fECO0sgpmsf9KcunNEvJWAVXWzZ0QoZuut0-MdvGgG5q6aT92rCjlriD8JYDO3oAq3QEtrJNJmMWbCNSKp2IcXW9-BdmHrNyLONtaXslIg4fmmFqep-lv5Up8wRPdBZ0BsgKDrquVZlOR8HTbxI6EVEA6_yQxuAPBEL5J-zlMx-Hy9Wfr6PDTMpP0wbEhoR0-d7OkjGPciza7JPZ5Pcd5L2gpOnVBbMZiSo8Yg27v1l6zyHbNMAEsdT7kLwD4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE5GLwwrQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=gtEwlar98PU&label=admute&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15,15%26amtos%3D0,0,0,0,0%26mcvt%3D15%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D17857%26vmtime%3D-1%26dvs%3D15%26dfvs%3D15%26dvpt%3D15%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988768953%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,15,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1656988768240&sdkv=h.3.520.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0OTIxMTU2NzAzODNAtAIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODcwMDM5OTIyCTE0NDczNjUzOEDdAVI2CPkGEBIlAACIQSgBOgsxNDQ3MzY1MzgtMUIER0RDTUi7BVAAWhBDSkVHblpaNTBVdzZnc1RCGAE.
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
logger
analytics.vdo.ai/
0
344 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns568718.ip-51-79-79.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=12&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=video_loaded&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=1285322528
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18082
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=13&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview_match&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=801304207
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18082
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=14&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview_match&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=1958717522
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18082
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
s.ad.smaato.net/c/ Frame 3845
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
X6vxu1tQvrwnEyPHS7f_Kmgfk4TXq7IRhI6tXn-1fA976XFZOjJwOA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 3845
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff6f2e888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 05 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame 3845
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff5f1b888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 3845
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafefed5888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
date
Tue, 05 Jul 2022 02:39:29 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 3845
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff1ee1888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7cf69fe6-5d3f-45e5-af34-574b2231a13a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 3845
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaffcf89888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 3845
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaffcf7a888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
date
Tue, 05 Jul 2022 02:39:29 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/FGMrCMMc/ Frame 3845
0
34 B
Image
General
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame 3845
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ac7b08a9-d8be-ca37-d3c4-e3dcfe74077d
43 B
118 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ac7b08a9-d8be-ca37-d3c4-e3dcfe74077d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb058c9e888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ac7b08a9-d8be-ca37-d3c4-e3dcfe74077d
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 2F64
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafeeec7888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-JNqVeaJE2uHNjY8ybdr71Y5boTZOVGYpbwIwhJI-~A
date
Tue, 05 Jul 2022 02:39:29 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 2F64
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbafedec1888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9e322e3e-b430-4204-a458-db5ad8e5e842
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2532584436606599527
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2F64
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaffcf8a888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=36dcdb41-47c7-52ba-acba-af7cce790b1d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 2F64
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaffcf7b888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO_jo6f_aTiz5yI-au1yqtO0eGAds-S1ZV2UfpAg
date
Tue, 05 Jul 2022 02:39:29 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
v1
match.sharethrough.com/FGMrCMMc/ Frame 2F64
0
34 B
Image
General
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame 2F64
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=acf4a7d1-51ed-55e7-5500-13b1b78440e1
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=acf4a7d1-51ed-55e7-5500-13b1b78440e1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb01a960888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=acf4a7d1-51ed-55e7-5500-13b1b78440e1
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
/
s.ad.smaato.net/c/ Frame 2F64
0
239 B
Image
General
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
joA4vujTewkJWxpYwvxoZ71hRZI0V7-aSlNc1KWKmpmAGGemSVD-yw==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 2F64
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff6f31888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 05 Jul 2022 02:39:29 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 05 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame 2F64
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbaff7f40888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E7CfqGZHanM4f790Thm9zbEH
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/
1 MB
1 MB
XHR
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
374ce995ef52797d2b54db25c71f26e92418b1c91615fbe91404fe6d41967e4b

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=2717916-3956835

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Last-Modified
Fri, 26 Nov 2021 05:10:16 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"61a06c38-1cb3c944"
Content-Type
video/mp2t
Content-Range
bytes 2717916-3956835/481544516
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
1238920
Expires
Wed, 05 Jul 2023 02:39:29 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 05 Jul 2022 02:39:29 GMT
Expires
Wed, 05 Jul 2023 02:39:29 GMT
Server
nginx/1.16.1
usermatch
ssum-sec.casalemedia.com/ Frame 5287
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0af59e40d490c923fc7e675b310d9d34470e48d01bf53b349f0c8f510ec649a

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725cbafebd6071e1-LHR
content-encoding
br
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
dropped-udsids
73|88|4|206|47|196|195|218
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JYB6UaZ5VWkRi2PswuMC8Ll0MDBYaVHLZ3SGxkuSxt7%2Ffl5RNBAw6TXMRTKK6N%2BV%2BFlVf%2BtLfMwKMr3bxcD9DJ6B2jRejPfX57ymOkgLs%2FuQ28oqg%2B6cIUn6meTr956LxAymGUu8vPGig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame E513
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 69AD
0
0
Document
General
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4974
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21604
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Y2LiJ3xyek5JeVVEQW44RHNBMEpVQkU0cjFlek5nZ1Vxb3poNE1ONFFySHJVaVJVNG5YS2k1d3E0ckEzYUlrR3cvUUEzYkdRWVdmQTh4RjhVbG5ZSjhCczNvR1ZiaGxPcWdQcmVnbnFGRXhJem4vZ2J4NjgvTGs2a2xsVy9XSjFEV3R4OEtpM1dGZzAybUJhYUNCcDJ0aTRTTzBmSWY3OHBXeGxwMlQyRjJUbU1RV0VDVFhnSlZLL2RUQjhDZVNTcjVXU2FaUGlJclNPUFcrTG91aDA4UmdtM3BnZENnbmpvM0MrL0V5Ums0aEd0SnowPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 05 Jul 2022 02:39:28 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1043
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C3AB
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 4617
0
0
Document
General
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
Tengine
usermatch
ssum-sec.casalemedia.com/ Frame 4828
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caba67500a5d68e55bcb810bee178e47ba0bfe151784ce4f246e3ff484f84ca7

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725cbafebd5f71e1-LHR
content-encoding
br
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
dropped-udsids
176|156|24|18|190|111|17|131
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYf2bKrYh%2BSb%2BPgaHO3tFKHZq0l2WrI0J9b2Ts1AxmF6ccbfsDGMq8E1WZBwGyyzsBJpNHM28czWxFpa1A1%2FUAnhEqLoZOG1j6y2hx5njG%2Bdk3ChL4juAaPsFFgFzSBB4wewPajIiozg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D3F
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=21604
content-encoding
gzip
content-length
5549
content-type
text/html
date
Tue, 05 Jul 2022 02:39:29 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Jul 2022 08:39:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 1CC3
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
576821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 10:25:48 GMT
expires
Wed, 28 Jun 2023 10:25:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 66AC
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c003afe-8803-4d2f-a07d-89a5880cee67
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AF8A
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
65188693-b8b7-4e0b-be37-a0478cfa82d2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EF85
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
602debe0-a8f8-4fd5-96b2-8e02d31c040f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0C1E
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
630a2a59-42b3-4f58-aa07-bf0a286cd5e4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BFCD
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b1a19e07-f7d8-46f4-af90-7eea14d4da01
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B2B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-gLrYKTDYp7kC6Wwx_APhuSg0AgAAAAAOAHgBAI&bg=!AQKlAkbNAAaLlKKnq5Q7ACkAdvg8WqMkhmncmoiM3Ay0Jrm14wPOl5mfGMlvcPpLGW2o2_8-cz_28wIAAAF7UgAAAAFoAQcKAIuOMRtxi5dc-ddiPoRqPSoqiDA37Hw1ib4z9izGjJNagPPaoQJ0jCeRfNsiVL281lUZtj0ubxAcra80A3vs0KUpJleSZ4nu4-ks_djSBepEJtK6AIyvpQodDDFwDfkqd9cZBA-siM4XqrAvEE2Z4jqZGSHbcd91vveOxuRw9kRz3BDj33UokiKk6DaCmQLzHTmBazG5GyQLRd2C2S2wzIQDijZRt2nQUCn4dm4JvDBjoPIXu56yeifK1ioqDhwNCOr1256vKePuWE7qKYU4AVTHWxZDcrA2UTWwwZ_1mSQvEeZdl1N-Xi1vXIAbrf--YAksm19hFw7oeGAjkqEByz4LN1IWD_-WCzZZ_BZv20hI7mj_IuCZV1D8Ebekf9bRw_ZbH_CIAFOrq3vE1C3MoYfWscGSsB8VN2uchBzKZtNq9zd1RsweyuKNPjMMbpTL-HQP5jCvbsvCgxXPUX72qeweuy2a3pd8jibKezD5r6mpYuvE2u2Yei9Xt04lmJFV-HO3AOLHtrTRr6iSmq4zTfylchBaohLEcJ73Q7O6iUeuVTOdPArSCnHNhIfq_VAfqQJKsyb5uvo__5HrRNZ8TLH-f-QQvrByQJBIpFTpltuhhRA2RThLghtdMd6ogEltEe_sNpX9-sUoWRNiG8F6A0lzQVwD4R8Xaz0OxF4Hqbxf_mHat92oewSFDyl-P8fKzmcKR6iq0O77mNhTEdYSw7Y1vUqWed2LxObHHdeaLfVeAOn-4NJs0jHFFYdENv2tg_Jz9pgrg68y38EZ2st_39o720IEOt3Z7YnH6w5oXx03-R2NxOjKdb17i8HCixTSioltJosEt95B-QEqgWOzzU8EIzIAV1aun9sx9GSZyHH-venZIZ29ifR_ei9DiwGEzxe4Vcj2sGXR7uUxOg0mFhfxPwSCxKoZtONpzXTWFoubTEdkLcRsN4_O402f3Sgx2uEYmpOeqGRyTqlReB_h_UYJY1tenePDEepl3oT_o0cFmzYITxnGG3UwOHZBVFCuikTO1GUbNiZjPttfWkXD_k9AkyAr-S8XvcJOLRgQVuo7rqQxUgccuX5Mj1i7K5Bo1i9mW6D-uxCtxiZk5k2fhwAHndIArGuYrv0KpXfZOd86sRV6pdmdbWzGdiGNLu9qJc0RpotH2FNQU4W0UyadydKqhTHwjNgtU_Mv4bCmSV64rEQ
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E4C4
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51164254&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
content-length
0
yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
pagead2.googlesyndication.com/bg/ Frame 1CC3
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 14:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
42807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13895
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 14:46:02 GMT
pixel
cm.g.doubleclick.net/ Frame 82D4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 82D4
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 82D4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
D5B5WZ9EHPCCGSA7D7YP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P4MQP5C6AQ6E6GKYCBAM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 82D4
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 82D4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Oh6Nc20Y2HEhGot3OkjDdjpPjHYhFI0hPB75AN9d
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Oh6Nc20Y2HEhGot3OkjDdjpPjHYhFI0hPB75AN9d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb014863774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToY3nfMxozibnqzVm45KV%2B2aMH52wWe%2BQt75WzJpUFNoZ69udasba4b9H275uIJaDMXScZi%2BAV0dJ3Lr2CeLWvPLSi5MbMZJWE%2B4Vyl1DDaRMQf4o28swU5Ie8cophSBOyXxtfxj6njiPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Oh6Nc20Y2HEhGot3OkjDdjpPjHYhFI0hPB75AN9d
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 82D4
0
330 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
x.bidswitch.net/ Frame 82D4
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.37.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-37-200.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 82D4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
909 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb02fa21774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSg4%2BkgYDdOre2gbNq1Y%2BthunsaYnbPxooLLDEUP%2Flk4eMxxRV3f0kSaXnLhwYaCJiMOCDigHU70phKe7m%2FBo49jcavUN5wBwgFsHB2As3g0lDKKBsemHYw7kv1BRpo55q7ChLR3kSAZEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame 82D4
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb002fd4888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5287
43 B
991 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 5287
85 B
259 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1656988769.306747,VS0,VE79
x-served-by
cache-lcy19243-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 5287
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
43 B
913 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb00efae774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3Bg4dFZklyRfECb22PgVMjxwkpSW9tQajbOXBGQ6fMzwqxcuZoyVCJ7b%2BD09rDwJc%2BreXE8KU%2BEIFX885PtpdLJKprNSQ%2FJalIy4jneErj33Qjf%2FGWX8QiVHEOmcDmhTTxdmTfYnanO7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 5287
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5287
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgMfoYFY1O8ytj5&gdpr=1
43 B
915 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgMfoYFY1O8ytj5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb01d8e4774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpNjvpqEGJbfLR%2BS1yGcVvrryyLPv5qSzX4MAb3gLm7AiO1qxXcwsNqywO%2FVB%2BZRkoZvgbFqPDcVNclnd97nW1BQFNKKC0QHZwRWQbjKGK20CX6ABrsuZQZ8p%2BxONuf8%2BSH9PNsrHDPJNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:28 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0ec0c6ff59ec4bd79@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgMfoYFY1O8ytj5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5287
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_62c3a4616db6c&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62c3a4616db6c
43 B
909 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62c3a4616db6c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb016877774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmuSmPbi42ARHplWcuEaWdDekWaXRD54h%2F9V8UD1r5lntOi9SlU1FgOXcR1SHdijZP2fjuXhcUu%2FGBsqgT9yjcO9N8wYFzzyh%2Bo8mDso5zul%2FkRJ5MiM8QCPGHFNbMfqUEmYeO3hR2n8pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_62c3a4616db6c
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 5287
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39567b3a-3773-41f7-a3df-e2910aa4bad6
43 B
913 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39567b3a-3773-41f7-a3df-e2910aa4bad6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb023955774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoyZsB6NqTh48fvJHQOVCzJyM3FWOogc%2FZLpjL0gDhDqKf%2BskEHl%2B6xR8ZgV4nXe11Swa9fJoPfPnQJjhynRJNb9771UX5ic2p9O%2FHDGZD44tHMdPpqj8GDSMLwRTLo5Ij%2BrAsv1GHNV3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39567b3a-3773-41f7-a3df-e2910aa4bad6
date
Tue, 05 Jul 2022 02:39:29 GMT
server
Apache-Coyote/1.1
content-length
0
ibs:dpid=23728&dpuuid=YsOkXqZha.1iGFYS-EfDlAAA%262629
dpm.demdex.net/ Frame 5287
0
0
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YsOkXqZha.1iGFYS-EfDlAAA%262629?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.130.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-130-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

setuid
sync.quantumdex.io/ Frame 5287
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb003fe1888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D649
43 B
991 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sync
ups.analytics.yahoo.com/ups/55940/ Frame D649
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame D649
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
43 B
913 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb00efb1774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BN5hgA0WflDjZS%2FcDQ1F78lUoW1eNHynIAEZ0yauj1K37FzuKKw0EQ5IMRzg%2FMiv1eXCLyfZvSxHdtdVCQ%2FuK8r%2FP%2BeOOVMb6ik6J6wvX9ONhddZ1Zn1ozEgvLSHE8Sg1BRZWyTZXHnM4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3616262986304817475
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame D649
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8a4d62c3-a461-4100-b6b6-af8ebc141780&gdpr=1&gdpr_consent=
43 B
913 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8a4d62c3-a461-4100-b6b6-af8ebc141780&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb048bdf774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH3GwQf6e5yhcJd2XYsFgNvSD%2BdLlf7tHZRO7SxLp1C2vJy3tfRszKNNgEejRAGi8JPUqVYKgSgerZKt5Rjwg%2Fnxn0vSLPWyQU%2FwQtmy508V%2B71FSFeJB8cPKTozqWeKMAEjjJCTjUgwPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8a4d62c3-a461-4100-b6b6-af8ebc141780&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 05 Jul 2022 02:39:28 GMT
crum
dsum-sec.casalemedia.com/ Frame D649
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb013846774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SEPrPCsCw1OBc6fzQ9O4kTWwEdx9X2lz4GAcMEajVS9nHNqxPUDEFL3t97MLOYCpthFu7g%2F0nxJMdcSbD0GZ9PppCu%2FCyEf18ntletkggSDK6uHWmMfFLglHbMQiUbK8Zc2fwjQCOfKIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 05 Jul 2022 02:39:29 GMT
server
nginx/1.20.0
content-length
76
sync
x.bidswitch.net/ Frame D649
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.37.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-37-200.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame D649
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame D649
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B
Image
General
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 04 Jul 2022 02:39:29 GMT
setuid
sync.quantumdex.io/ Frame D649
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb003fe3888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CC3
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.520.0&bgai=BBcReYKTDYsqWB4XRxgLw-JmoCgAAAAA4AeAEAg&bg=!39yl3JjNAAaLlKKnq5Q7ACkAdvg8Wqv4S5eWYv6Msmk0qpsh7VRAvaxkfkZ0MJzydqG9v0gajIKNAwIAAABZUgAAAAJoAQcKAIGyw0vHTNqXa6eBfsgl2KFJbXhgOWNAvq6W8vBh9-BAlyKGVi1dr396DkzRVxlSSWX1A03KMIUdlSxqs1pm2HrzsxfVV1pC6NT1Ljq6QoJhgnxa9F9-A-zb8zmVMusuk9xDraNevGPD4e3lFr_QapvHpmLIDVNh4gBzu6RHRi3UgkKZAsqX19OKeaqHzvBCAoPxSoYoyDwqXyyaGz5i99xDVo8051FRHCdbUiuYi_T2X-3oNMpmLBEWGlP2XjfQr1nILHcFgg1HXsYMQ4-wwxp8MX5iawYOjVR4_mXwF1_a5nimEtDzD82QOPqybdyefrdOTP_Ke9OWLy0Fw73i6IdKjrJ322zmyNmD_C6OqsLd9MJ2Rk3DXy_QNG1ebJhwWC2Kf97f1eqcnO0J4zAuLtLSHYSJvjA25jnJV1smIQuO_dd_GYKQ19KjgVOu9j3s-roazrveQzbodBFwYpZXbkA33C4aS1DtbHthy2WsorOsG81kFShwPF0IXDiaTiwHc3jwFO28zwuY2PEr_AcjS5ViaN8eD6QVf2AT7wJ_AnVMU-UpF_7L0b72DOX0SiS4cp7C7tnIyy4CwvlCY3Vow1QByFUkJxAU4rKYZYtF5iqiwgyVaNPJUEMcfv2rMSUqI6f1elIvfAwYJX0lqDeBLyTmI2j5YizQ8Lo5HESgIcBVkgsnia3_QPe4_r_c4FWSPQIMcoDkXNtu967Ju1lbNuNxFBTlSpqv6L85GrdGM4feddzI_DjsNpsUOw6RKxgsRy7310OwG1HQ95RJ-RtaqxTHTEr5EJMzwgNLxXCdR3ijIzAIR1yiAMxjmeNcIQdBsB0U8WfRymjhzpVSYe92ZyU-7tXuiRF01nw6Hnpc1I9tEgbDurpKcvEmJu9JoBV-X7mgfjgO66KRKAUOxX2g-yxMamc51XVdMqCboZOMMV-l8XTFPLZw2gd_FOll-9lPJbEwB-pHct8xOQCsY18O68uXTnTaF_qf5zhFDq2TjqDyCylCT53qvUSh1P96EeM3KN9CGHNK-K7Vz7HUPUd0gOq98Ur8uBhRuscACC478NeVGFeBOZqXhCVy20EPJYp0Q0It692IhOT4p-TzXCtt0DRf6KIQBys-a-YKaGMu3i4
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/
1 MB
1 MB
XHR
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
2f6e7ea921346d30b5698d444f235bed87a5a5e4f2fb174b6b1de95bf32b222e

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=3956836-5074307

Response headers

Date
Tue, 05 Jul 2022 02:39:29 GMT
Last-Modified
Fri, 26 Nov 2021 05:10:16 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"61a06c38-1cb3c944"
Content-Type
video/mp2t
Content-Range
bytes 3956836-5074307/481544516
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
1117472
Expires
Wed, 05 Jul 2023 02:39:29 GMT
16379029125961a06a40c0a87.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/16379029125961a06a40c0a87.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 05 Jul 2022 02:39:29 GMT
Expires
Wed, 05 Jul 2023 02:39:29 GMT
Server
nginx/1.16.1
ie
match.prod.bidr.io/cookie-sync/ Frame 5743
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.40.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-40-114.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 5743
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657075169&gdpr=1
43 B
946 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657075169&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb047af772bb-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zhi0cwWaaPsZJFXhtih4LrT3k%2BLCUufksjPRv4oRzERAz41Bu%2FtJV68CsoJYjlh1IPUOAsIKKyR%2Ft9XVqi3CekeLyNthlq0dLTaoL3lA%2F4nuSjP2hbi%2BxtPYQJngEVhxCEaQ4gT"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1657075169&gdpr=1
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5743
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame 5743
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:30 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-7
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 5743
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=379863378231310422
43 B
915 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=379863378231310422
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb044b91774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t317fFRKZd%2B6L5NfMrxLhNKLc16WxewItnzEE%2Fp7jhmdTeOyXmqMmHNK%2FQKEkik15IB%2BnKCVRVgPP%2FBierZYU7ojclIJOwowiBx%2Fd5dOz%2B1UyMDpNlkb6IENn3cBjcsLaAFWiAh8SXIebA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=379863378231310422
Date
Tue, 05 Jul 2022 02:39:29 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 5743
0
330 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
getuid
ib.adnxs.com/ Frame 5743
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5743
43 B
991 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:c111:9aee:7bd3:6707 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
setuid
sync.quantumdex.io/ Frame 5743
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb027a28888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
113
match.deepintent.com/usersync/ Frame 4828
0
222 B
Image
General
Full URL
https://match.deepintent.com/usersync/113?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
server
a
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
cookiesync
bttrack.com/pixel/ Frame 4828
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName
Track004-iad
Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:23 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame 4828
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c1ab46f5-8b41-49fc-a20f-b08024d255b2&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c1ab46f5-8b41-49fc-a20f-b08024d255b2&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb038adb774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztq49ARVfNH0lTIuAQppYCeSSAKZXgbF%2FimcPm6uRJkOox6tMyZxGlVYf7XTidphfax6I4hl3AdrDMPRAvQfDuNEgIlwM88Io3DXJXPGJth5rKspT%2F6GUuN0HM3YasV2LfDT2NccWVw5WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c1ab46f5-8b41-49fc-a20f-b08024d255b2&us_privacy=null&gdpr_consent=null&gdpr=1
cf-ray
725cbb032da77320-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 4828
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1672886369&external_user_id=a6bc78d5-d5e4-44cf-a11a-9f084b42a84e
43 B
908 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1672886369&external_user_id=a6bc78d5-d5e4-44cf-a11a-9f084b42a84e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb04dc2e774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaKdiSoyQbc4zfYq3m4su8sjFgE5GTU11pogdoHwRqliI1QFhqPrl8xA4K1BT2e6w%2BGV%2Bcr0ZyhQcuczdz8e3%2B0MYJ8shOG7Zmp35rGsOr5L1rqc%2BOwdqcqmrwZhgYP6VbfoJmLbvNVRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1672886369&external_user_id=a6bc78d5-d5e4-44cf-a11a-9f084b42a84e
date
Tue, 05 Jul 2022 02:39:29 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
getuid
ib.adnxs.com/ Frame 4828
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

match
c1.adform.net/serving/cookie/ Frame 4828
0
330 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 4828
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
905 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb038add774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8VbTLriZp1zy4YsPidmPyDbTdtphFE0vJzHcYeatv6mqS7TqrjbIyZAyBMN0dql5sgMxHJoxm5ONtBdl5%2BaOxWIuSC26G9yF6fk2bcUR9bozCsMD6OU3NMrzmLd7kihoCehrHLpiqyTqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 4828
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662295846784134
43 B
910 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662295846784134
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
725cbb056cba774d-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Tr9FoBaec%2BqIUdJDhS00DB9VVm9BAYkTaIncAn9%2FL4UweB%2FBTMunSzuvXOIW965B38yba3CM81zc6CFbdw6VJPvgfH9zUXJC5SQeviAVVgACOR2e5O8T4PrWfI3mfwFxXWK2DBtPP2a%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
111
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
725cbb045a597735-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662295846784134
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 4828
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YsOkXqZha-1iGFYS_EfDlAAACkUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
725cbb028a39888b-LHR
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
truncated
/
630 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
subject.com.ua/
11 KB
4 KB
XHR
General
Full URL
https://subject.com.ua/
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
3ed193be1d15265678137ca886ffb7bdc7d963232001bf1886e8dace9b3c3b03

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:32:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
max-age=0, no-cache, s-maxage=10
X-Mod-Pagespeed
1.13.35.2-0
Connection
close
Content-Length
4181
1
serving.stat-rock.com/v1/log/js/
35 B
169 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1656988769690.868&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fsubject.com.ua%2F&t=33&v=102.1&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.707299473380538
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://subject.com.ua/
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:30 GMT
srvf
199.101.135.227
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/
35 B
168 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1656988769690.868&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fsubject.com.ua%2F&t=42&v=102.1&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.724365393982866
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://subject.com.ua/
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:30 GMT
srvf
199.101.135.227
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
bg.jpg
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
94 KB
94 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/bg.jpg?1656076572677
Requested by
Host: db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19b577be1d11d31c8258405065228dcae313b1d57fe16cd8ec7527048e9365db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:54 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96188
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3317
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstR7MTKoUgRs8FTdjzsi7wq47FLL7pFgVYAuP5odrS8B7d0X56khPxnwwah-ugeLJBBB1-sTQUk0ySF1pf9Jhp36SVgAlVKRl-HjwJu4UFAPCsfOQtnh9_BOUx6gxN_wPPm1FJ63rwDoXp_Xo_R7SBNJbfbMFrF5znPVnOQ58sQHyJ8gZjg4F5CBZVzAlIDrDEyvZHuSBOzR9gFaYa68lK_TwVWmGiXmG8Zr2Ghin2sKgp1A-HWXF8HwfANKLMrtbCUHVaNOvvdnX-WVs624Kncvs51xWE8CoZj2092w_i0AzHc2_GFplUs79_lWiv8LXicGuBCTt42i-_cejR_X7wteZzw-dfhER5g4h0ZgbP4H9KJkWyrZ_ndHtocEAnHTI6neUz7HZcDpX84l6ycED7rxB0T7uXjfgTVq96gqg709CJP242dvafLBJ1cNW1ciV6c6f0KeWjaGfEzZYm1S93A-XlsWZLRBwo_95G4-Ra8ehypD9J0QkSLX7ghm28bfKOey01ssefF6ggnhuojxCm46DqTbrsUOVVBgccVKZM_vOy5Hqo2mLyhzN2VSVR7vvD0L5ygGawT5Y8dkRwsa4znRryudXIg8XZki5zykN5YIY98jDqCNiJQ9GbB_Oat0r79yj9psPzDNebDRERsqI4YGXSWn-VrA-PgkU-XhDCt3de9JzU9444-EWuMX6h9U2Fw-CNV4-X-EX21OLsXur7njNq7A9zqGR7mwO1rvqOAw7v66p-twH0dM8NwexjeRvELF45cxfte4pshgYD97rbVDMsiWrdZokTtd75duhoEDlk-ZvvXH2IJAgkmFnjaO__ZhhAHdVsQLdEzMQicfe9jrJCb_MQkMnOXq7wMzN7Kpq87sN3F0fK0zn94ELiEIqfsKfLSw2UMWegt6wSKqYFypqi-T21FrQqAOkLk3oK7Ss_lJjyLqAQaeA6tYmSQVq8ey1SRVwMwXIhRyu6Sn3c2rnD0Bd9LhXTmBss9X3glXqNmtmYN61a79u3okvvs6cNwgXKjBEEYAt2rHzKtREmH2-JASvWi6SOBD1lEd2fxaeUHJFgchDvHLE3HO6B7-UaSZDMpGkAPcqnKP3jFOGU0HEc9SoODSRwzfx2HvIEJ4ju6YWuGh7wq3T_xTCMkCmFHHUAIow2BE8g81G0cardWQ01q1nadCEegdh4ukDcDJDqlmHRuLi71Tvxhj8hPRn9jX3CdZ20LPVU&sai=AMfl-YRU8DQM2NyFa8HYEk0V-qtXBR25Yrh96JzGXD4rm7aVqk6Tgpiw5fuvFGdsCTbW-sPWRiNfXysEVrA-3WbTxfLGXHARhbQP5DBaQIQCbj2jJeYwgrcmYr6ycsv-dLrwijsuMycIHaC9SOuNDc3xiHy75fU-i_2N7Z_DpsAPYZtBIROFsE1hPRO8iaz1SmHBWg2lMExyfg-VnEAtcdBirw&sig=Cg0ArKJSzKBr-zs80Iw6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2049&vt=11&dtpt=1887&dett=3&cstd=159&cisv=r20220629.36608&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
1
serving.stat-rock.com/v1/log/js/
35 B
168 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1656988769690.868&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fsubject.com.ua%2F&t=156&v=102.1&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9087284786861971
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://subject.com.ua/
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:30 GMT
srvf
199.101.135.227
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
cta.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/cta.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08a0c4f341c2cc8380d5b113b42913e20b33a089c287d2c2259deadb4a2cca07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 08:17:12 GMT
x-content-type-options
nosniff
age
325337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1617
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jul 2023 08:17:12 GMT
fiyat_badge.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/fiyat_badge.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2ead0f81b0dffcb4d83c4ec82c47126a88144870f59ca61598efacbe5805e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:54 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6250
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:54 GMT
hashtag.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/hashtag.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13b6769a5624a39948c1533d285718ccc8188bfe723589082b6fea34786c434d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:54 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4379
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:54 GMT
legal.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
4 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/legal.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba17f23f1ce7efd38a398bb6b6e8dab40e970965a2a1013229590d8624386b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:55 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4576
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:55 GMT
logo.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
8 KB
8 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/logo.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9016147cc4ea6ea49172fe940fc7beadeee7d2dcc0e752c5cbe5a2ec76cfe1cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 19:51:39 GMT
x-content-type-options
nosniff
age
197271
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8375
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Jul 2023 19:51:39 GMT
sag_logo.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
9 KB
9 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/sag_logo.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffcb552e7b05e9823b6762c57fb2df8d2eb56415a7ecb0242eb9477b1a6d7971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 15:23:27 GMT
x-content-type-options
nosniff
age
299763
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9024
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Jul 2023 15:23:27 GMT
sari_badge.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
8 KB
8 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/sari_badge.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e48238a516948e058018923ebde7cc8af0732af5650d65348c7f716a5f45e136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:55 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7828
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:55 GMT
t1.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
8 KB
8 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/t1.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61f941f769954b82b40e182fe9e49ff7269e6c39e2622089b71462bc45deda0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:55 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8458
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:55 GMT
t2.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/t2.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0470eab6e59dc578a34653d71dba2e9e3e47a2c63f1d292a9d987aad2af4966d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:55 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11861
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:55 GMT
t3.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/t3.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa09166f32bdf4b9a701031a48aeeabcdc14f275f81e5af1fe3cbe27410de246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:55 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13483
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:55 GMT
t4.png
s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/ Frame FE71
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/images/t4.png?1656076572677
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a55dc58c4d39a4ac4eddf8781618150bcec280f0515832d4c01719d946d8329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9268526312242492323/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:31:55 GMT
x-content-type-options
nosniff
age
22055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 20:31:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31bd188853351de4ffb30073a5a1823c873b348631fc936268c9100c3abea6fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 02:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10628
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 28BD
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subject.com.ua&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:30 GMT
server-processing-duration-in-ticks
2409
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 02:39:30 GMT
sid
mug.criteo.com/ Frame 28BD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=subject.com.ua&sn=ChromeSyncframe&so=3&topUrl=subject.com.ua&bundle=Cf_1EF9HdUJzZUFadmVEdTA1cEd5V2poaGxuVnA0bEZhVVRKZVNibFJHQkhzS3I5JTJCdz...
  • https://mug.criteo.com/sid?cpp=jHd-rnx1Z2RjUjRIMXljRjF6cHcvSDg3bDhpWDBuSENTbnU4TnZDZFNhdUpFbk52Y2dCUUhOL0F6SVhHUm9PcjR6aEt3a3dYUHhONUt3R2RpVFBYZlNNR29wR3dqT3d2TDNDUlB2Q3AzejMyYVpJZWFDVTRINmUya1ArV3...
428 B
629 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=jHd-rnx1Z2RjUjRIMXljRjF6cHcvSDg3bDhpWDBuSENTbnU4TnZDZFNhdUpFbk52Y2dCUUhOL0F6SVhHUm9PcjR6aEt3a3dYUHhONUt3R2RpVFBYZlNNR29wR3dqT3d2TDNDUlB2Q3AzejMyYVpJZWFDVTRINmUya1ArV3pxcTdMK21CaHRyQVhaMTRWbHFuOXduMGtETkdVTlltWTQ2MnNxTjErckVjMjJTVEhWcUhZVy9aK2Erb0w3L3V4MnVlRGZESGZkdmhBMk03WktENXptNDB5aGlKeTVHSDkzYUV1TFgySmE0M0FmeW5GNmxPMENoQkNJNlJYTnlPWTArUFI1WSthckx3OTQ5ZUpXd0dzMituL2dTa1EzVTY4MktiRFdnMW10eE8rbVQ3KzhzMD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c69d94ce6df5eb525a6281c43a1523a7f25feeeda2b25e56cefc569664753494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6454
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:30 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=jHd-rnx1Z2RjUjRIMXljRjF6cHcvSDg3bDhpWDBuSENTbnU4TnZDZFNhdUpFbk52Y2dCUUhOL0F6SVhHUm9PcjR6aEt3a3dYUHhONUt3R2RpVFBYZlNNR29wR3dqT3d2TDNDUlB2Q3AzejMyYVpJZWFDVTRINmUya1ArV3pxcTdMK21CaHRyQVhaMTRWbHFuOXduMGtETkdVTlltWTQ2MnNxTjErckVjMjJTVEhWcUhZVy9aK2Erb0w3L3V4MnVlRGZESGZkdmhBMk03WktENXptNDB5aGlKeTVHSDkzYUV1TFgySmE0M0FmeW5GNmxPMENoQkNJNlJYTnlPWTArUFI1WSthckx3OTQ5ZUpXd0dzMituL2dTa1EzVTY4MktiRFdnMW10eE8rbVQ3KzhzMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3683
content-length
567
expires
0
prebid.js
tag.eu.dev2pub.com/
473 KB
473 KB
Script
General
Full URL
https://tag.eu.dev2pub.com/prebid.js
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
dd506dae155552292b0a774d4d5405aa383640a5f391c505ad41348a98a754d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 02:39:30 GMT
Last-Modified
Sat, 02 Jul 2022 06:40:39 GMT
Server
nginx
X-IPLB-Request-ID
05BB1566:E0B6_335B3C26:01BB_62C3A45D_29ED1D04:111E9
ETag
"62bfe867-76273"
X-IPLB-Instance
42214
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
483955
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 81E9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
8585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 00:16:25 GMT
expires
Wed, 05 Jul 2023 00:16:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E7AB
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1c19298ec3c455c4d34d0deee7557baf5ce1f2d64f8f8943bb8c0145aad3bbb2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dH3DQLeItpy6ES72Kx-V9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-dH3DQLeItpy6ES72Kx-V9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 02:39:30 GMT
expires
Tue, 05 Jul 2022 02:39:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame 81E9
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 04:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
79464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jul 2023 04:35:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E7AB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=1520103964203497&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f
api.eu.dev2pub.com/api/public/Dev2Pub/
2 KB
3 KB
XHR
General
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
7e57576d3a898b1cbbf87c46245a0272d8134ad3efba26f4664f91483f6988f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Jul 2022 02:39:31 GMT
Server
nginx
X-IPLB-Request-ID
05BB1566:E0EE_335B3C26:01BB_62C3A45D_29F304BC:2D4C4
Content-Length
2412
X-IPLB-Instance
43024
Content-Type
application/json; charset=utf-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1152939023&t=event&_s=15&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=impression_video&el=subject&_u=aAjAAUABCAAAAC~&jid=&gjid=&cid=1145372659.1656988765&tid=UA-113932176-39&_gid=605402542.1656988765&gtm=2ou6t0&z=4878292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 21:38:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18084
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D2067,0,0,0,0%26mtos%3D2067,2067,...
ade.googlesyndication.com/ddm/activity/ Frame 013C
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D2067,0,0,0,0%26mtos%3D2067,2067,2067,2067,2067%26amtos%3D0,0,0,0,0%26mcvt%3D2067%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2067%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D615%26pst%3D439%26dur%3D17857%26vmtime%3D1797%26dtos%3D2067%26dtoss%3D1%26dvs%3D2052%26dfvs%3D2052%26dvpt%3D2052%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988771006%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2067,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1656988768240;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 013C
42 B
66 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4GTxmHUFU0ft6FKOaWDMliPPIEu0rbgay4rpp3zCl10F7vPo2Dt97XCGVIS7Nh9Ok6-ikgxeAxr9spchl7vBSmscAkRF_rONWjzr8WjkEaj24FjY8RFDK-VeqHiimXUV7M54&sai=AMfl-YRGZ6_cWsjJeoTdhzyGaI-XqWw6VuV_aRck8psoFTOX19s_oP3xGmHwHeb7qPZLbzd_yhpcGj0I0h5QIXKLHtY3w0SXAnG8psegvL-wrLa8ycf3rUKMX7sYi0E&sig=Cg0ArKJSzO4CmA6A1BhnEAE&cid=CAASJORo9kByNQxC3l5deFp943djSotQTE4ScrEOU0uZf4_28dkoag&id=lidarv&acvw=sv%3D929%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D2067,0,0,0,0%26mtos%3D2067,2067,2067,2067,2067%26amtos%3D0,0,0,0,0%26mcvt%3D2067%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2067%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D615%26pst%3D439%26dur%3D17857%26vmtime%3D1797%26dtos%3D2067%26dtoss%3D1%26dvs%3D2052%26dfvs%3D2052%26dvpt%3D2052%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988771006%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2067,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1656988768240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 81E9
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?HmiadQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=1520103964203497&bg=!BAelB0PNAAaLlKKnq5Q7ACkAdvg8WtlHIIAvs7XhcMrSYontSpf9aL2FthaXoeLybMijkcusm0Gm8AIAAACEUgAAAAJoAQeZAphAQtZGXmcmQzIcY35MoBbWMGmDr3aP5wEiMhqCTL58YAOU1YT-dxOiHrWrPUXefCriRp-T1Kky_w1BE9jLIjr93ax8SSfNJip2dO5TV_4rT88_Rd7xF5ZFh2RQDkGco6hH2t0NxAr7gD6_HWTxMS33hhdWycxvznCjZnD92ubfA_zDAXPUcpeS4087FsyOyIrRIW50reyrT7FTaYHDch2UPzAvX8ALzAaegHHlKNu9GjGJOBn-juRP-zsTusa2BI00LBuKL8hDQf6zp471UWWxdtA-aJhhKIj6tk44DLzYJ4gZft_g-DluIh0MBT-2RnRG61LWFgA7G83UiVp9BV7ZV78je-81GS3VarlgS7vn8Bj42Fv6yQOoCI6L30Ye7V9N8Uzjr51kBoJuGrWcdciG1bkDKNHLCs-jTebMIM4aKPhXLb3WHxqMPES4YQ5sck2wB74r5-k9P8ERkbO3Mm3eHbX5C0D6fGcHJZIeD8Ky5gxiqmf7I7H2v8D-8tgUDLtEtQAASfWJG2mr69ksH90W3iDzTvh4SIGVL8P0K9rq0Vvzx1JjiP85tXwtO9cDb8uQ-tDFuf8fUEhsTIM3ssCgholaaE8V6vmrRJVg2yhjRTmLYri3S07BVsRXizbUCGG86tTfJc51Gam1_x3T2dQIhOh60SDfDw4c4dJiq3AJIRXNZDvq-j2PDrQqRRj-mZJGxVW6JkcSyT9gC3ez_bKnA6pDHrrWvQ77L2reIWCA2DowHh6v0IIgdgEMBrjmPB4KygCrwNb5XRuIE-E3IRtGjrftPO5tDlCO6OlvVK94tEUFDmXNZMnDSJuM2Foe0UISuf_qUHSc6OL1qkXN6H65xZ4DWB7zX4yhtyYoEaqWh9nA13lH5bmg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~l57kbw97&c=1085221559156&slotId=542610779578&met.4=hvd_lc.l57kbw97~hvd_src.l57kbw97&ps=800x450
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c0f::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/
483 B
580 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2381981
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSiZYJw5RGzH8l2mDk1Z%2FeUMJfHlwsc3t4BES5UZQjXr0DHZgM0aJIBoAeoajcf%2FUJwJOTxh0jncKPbNIk14vq6xhaILA%2F3DiNO5BH4WU0qfdDpNeZfutcoQZ5fEVxtYpp%2FqvRxeaPD39Qwl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
725cbb118af5752d-LHR
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 05 Jul 2022 02:39:32 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/
0
499 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/
349 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39536&zone_id=1078218&size_id=10&alt_size_ids=17%2C32%2C54%2C67&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,74458,1,,,&eid_criteo.com=pA17EF84VDhiQ25BOVNqZFhUc1JVTjF3VkVhWm5SdiUyQmMzOW5YZiUyQkZqd0JBdnFRYU5UNXIlMkZFSjZBbVpMSjRpS3NXQnpGTTBIOU9GN2pxV0tteGZCR20xT1dHUSUzRCUzRA%5E1&rf=https%3A%2F%2Fsubject.com.ua&kw=Education&tg_i.ref=https%3A%2F%2Fsubject.com.ua%2F&tg_i.page=https%3A%2F%2Fsubject.com.ua%2F&tg_i.domain=subject.com.ua&tg_i.siteid=94876&tk_flint=pbjs_lite_v6.24.0-pre&x_source.tid=769446d6-26b1-4143-86fa-1226e66f06d1&l_pb_bid_id=4dbd204c27a77a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28471101916079444
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
de4cb3c01a0eb8c8ea1a4d49839cfdcc15a10503da18dca680d5d49705d732cd

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:32 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
349
Expires
Wed, 17 Sep 1975 21:32:10 GMT
pb
ad.360yield.com/
0
167 B
XHR
General
Full URL
https://ad.360yield.com/pb
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.165.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-165-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:32 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
mp.4dex.io/
99 B
583 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56278b5b50883eda39fe40fccdebe7c21e688ffb286f77e956779a8f82c2765

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
725cbb1219db75b9-LHR
pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
adjson
ssp.otm-r.com/
2 B
298 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=240&h=400&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=1039c39e2531645&transactionid=769446d6-26b1-4143-86fa-1226e66f06d1&auctionid=e47176c1-ab85-4bdd-8e8a-04076b492886&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
server
nginx/1.17.6
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
299 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=250&h=360&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=1039c39e2531645&transactionid=769446d6-26b1-4143-86fa-1226e66f06d1&auctionid=e47176c1-ab85-4bdd-8e8a-04076b492886&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
server
nginx/1.17.6
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
298 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=600&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=1039c39e2531645&transactionid=769446d6-26b1-4143-86fa-1226e66f06d1&auctionid=e47176c1-ab85-4bdd-8e8a-04076b492886&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
server
nginx/1.17.6
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
298 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=1050&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=1039c39e2531645&transactionid=769446d6-26b1-4143-86fa-1226e66f06d1&auctionid=e47176c1-ab85-4bdd-8e8a-04076b492886&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
server
nginx/1.17.6
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/
2 B
299 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=320&h=480&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=1039c39e2531645&transactionid=769446d6-26b1-4143-86fa-1226e66f06d1&auctionid=e47176c1-ab85-4bdd-8e8a-04076b492886&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
server
nginx/1.17.6
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
v1
ww1097.smartadserver.com//prebid/
916 B
2 KB
XHR
General
Full URL
https://ww1097.smartadserver.com//prebid/v1
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fd41ee4788f6111d1002498276bee3a0f2f322e9f59af4f08bd2ab5256a719ed

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:32 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
prebid-request
onetag-sys.com/
15 B
361 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
prebid.smilewanted.com/
0
0

/
b1h.zemanta.com/api/bidder/prebid/bid/
0
120 B
XHR
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://subject.com.ua
Access-Control-Allow-Credentials
true
ROS
pbjs.e-planning.net/pbjs/1/2a156/1/subject.com.ua/
2 B
157 B
XHR
General
Full URL
https://pbjs.e-planning.net/pbjs/1/2a156/1/subject.com.ua/ROS?rnd=0.7584039562290545&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&gdpr=0&e_criteoId=pA17EF84VDhiQ25BOVNqZFhUc1JVTjF3VkVhWm5SdiUyQmMzOW5YZiUyQkZqd0JBdnFRYU5UNXIlMkZFSjZBbVpMSjRpS3NXQnpGTTBIOU9GN2pxV0tteGZCR20xT1dHUSUzRCUzRA&e_pubProvidedId=%255B%255D&e_pubcid=4479f66b-ba2b-4aa3-af26-6284341b371c&e_uid2=%257B%2522id%2522%253A%257B%2522criteoId%2522%253A%2522pA17EF84VDhiQ25BOVNqZFhUc1JVTjF3VkVhWm5SdiUyQmMzOW5YZiUyQkZqd0JBdnFRYU5UNXIlMkZFSjZBbVpMSjRpS3NXQnpGTTBIOU9GN2pxV0tteGZCR20xT1dHUSUzRCUzRA%2522%257D%257D
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Tue, 05 Jul 2022 02:39:32 GMT
access-control-allow-credentials
true
server
openresty
content-type
text/plain
content-length
2
x-sid
AMS-742
adjson
ads.betweendigital.com/
2 B
217 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5d45cf81d4cd2920ebb16eb19db47895f93140e84b3273fe9d798af6f1a8d1cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Jul 2022 02:39:32 GMT
X-Proxy-Origin
5.187.21.102; 5.187.21.102; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
db41a5c7-29ed-4f4f-8e79-64cc68215779
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/
72 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2380642
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx1f3e446f9050492a97853-00629f4c08
x-amz-id-2
tx1f3e446f9050492a97853-00629f4c08
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kx3h82FZZf4YWQL%2FV5PCjITt9Q7uXXADnQyGyr7W8aPFeRYkT%2Fq5ggKhBKO%2BkszWnXWDBJ6R2v9h01%2FR1VUNk0f2jDg9dYdhcRd06Eu%2BFUIq1Y5fvkwijQCxs4Vnb84oHzoUa%2F7in2Gd42Dx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
725cbb11ca1c71bd-LHR
access-control-allow-headers
Authorization
PugMaster
image6.pubmatic.com/AdServer/ Frame 8607
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95116969&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:30 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F181
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28556068&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:32 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A767
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74751056&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:31 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3BA6
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69869951&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:31 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 83AC
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55204776&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:32 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A7EB
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49796144&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:32 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 25B8
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63948306&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:32 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4974
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74084131&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:31 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8D3F
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58261762&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 02:39:32 GMT
content-length
0
/
api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/
0
223 B
XHR
General
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Jul 2022 02:39:32 GMT
Server
nginx
X-IPLB-Request-ID
05BB1566:E0EE_335B3C26:01BB_62C3A464_29F30BDA:2D4C4
Content-Length
0
X-IPLB-Instance
43024
/
api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/ Frame
0
0
Preflight
General
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Date
Tue, 05 Jul 2022 02:39:32 GMT
Server
nginx
X-IPLB-Instance
43024
X-IPLB-Request-ID
05BB1566:E0EE_335B3C26:01BB_62C3A463_29F309E3:2D4C4
dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D4784,0,0,0,0%26mtos%3D4784,4784,...
ade.googlesyndication.com/ddm/activity/ Frame 013C
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIysaul9zg-AIVhahRCh1wfAalEAAYACCagoJFQhMIw_-Pl9zg-AIVZ4f9Bx08PATu;met=1;acvw=sv%3D929%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D4784,0,0,0,0%26mtos%3D4784,4784,4784,4784,4784%26amtos%3D0,0,0,0,0%26mcvt%3D4784%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4784%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1246%26pst%3D439%26dur%3D17857%26vmtime%3D4544%26dtos%3D2717%26dtoss%3D2%26dvs%3D2717%26dfvs%3D2717%26dvpt%3D2717%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4784,4784,4784,4784,4784%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D27,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988773722%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,4784,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1656988768240;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 013C
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CmYUeX6TDYoPUJeeO9u8PvPiQ8A6k0e-UavS_4IDBDc_7kOPXAhABIOXxnH5gu76ug9AKoAHIx7XyAsgBBagDAcgDE5gEAKoEugJP0EJGXk0UkrsqEbOsLUrcOofDR1cut9iwwBxQxrf-N7QGotYP5LGIOJmMzAqqchPc3Hn6GVBYoWR01Pep1jQ1vkuPB_Gs0SefyiLEn-DToMuJc1np2RyUJrddYaIQ5z_FMZ_QT61qxfu1vvYtkRmi3sBfPSIWcH-jMZ8WJR_aO7tHpZx_fECO0sgpmsf9KcunNEvJWAVXWzZ0QoZuut0-MdvGgG5q6aT92rCjlriD8JYDO3oAq3QEtrJNJmMWbCNSKp2IcXW9-BdmHrNyLONtaXslIg4fmmFqep-lv5Up8wRPdBZ0BsgKDrquVZlOR8HTbxI6EVEA6_yQxuAPBEL5J-zlMx-Hy9Wfr6PDTMpP0wbEhoR0-d7OkjGPciza7JPZ5Pcd5L2gpOnVBbMZiSo8Yg27v1l6zyHbNMAEsdT7kLwD4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTE4NDc5MzQ2NzYzOTAwODeACgOYCwHICwGADAGwE5GLwwrQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=gtEwlar98PU&label=videoplaytime25&ad_mt=4544&acvw=sv%3D929%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D309,404,759,1204%26tos%3D4784,0,0,0,0%26mtos%3D4784,4784,4784,4784,4784%26amtos%3D0,0,0,0,0%26mcvt%3D4784%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4784%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1246%26pst%3D439%26dur%3D17857%26vmtime%3D4544%26dtos%3D2717%26dtoss%3D2%26dvs%3D2717%26dfvs%3D2717%26dvpt%3D2717%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4784,4784,4784,4784,4784%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1872%26femvt%3D0%26emc%3D28%26emuc%3D0%26emb%3D27,0,0,0,0%26avms%3Dexc%26qi%3D589252412%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26pnmm%3D1656988765535%26ptlt%3D1656988773722%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,4784,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1656988768240&sdkv=h.3.520.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0OTIxMTU2NzAzODNAtAIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODcwMDM5OTIyCTE0NDczNjUzOEDdAVI2CPkGEBIlAACIQSgBOgsxNDQ3MzY1MzgtMUIER0RDTUi7BVAAWhBDSkVHblpaNTBVdzZnc1RCGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 02:39:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 93D1
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Jntgi-4CXXGRBJ0GJJv5ZVo4v6RYlyIcfVpO0hNfq6uhydSSJbYXT2nHjBJgjL13XYB_ML0I1gGZ6KCVLcVyLE9hTjQIgeAd2R9sc6pYDtJlHv8wupRhRQWNJArWbzw6i0-uDveeoD_fTV1_7yvrWwrdO6vm9UdpG8QKIjB2elhU_kTVvGKeg3zaJZ6Pvl8FX8ljjMInRIl-o8oM6AQ0PXQV_Cn_gSWWeUhUOvUMQqtaX4_opnbohcRAfquDlcHMxPAg7A&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YsOkXwABZD8Iu_F9AAivmAr-TcEGJWUvIkJcYw&u=%7C3KzpqDx1Bo%2FUE%2B04%2BvMrLZjvMj6O%2F7g29GuaOlHwS4o%3D%7C&c1=0n2XosTo5cliKCnvh9OE5jqZHIJlQ7xgp7yhsEndoSQQfSwGU1sppLCzv2iiOS9LkPiw93sZyzprpcBW_Kd9DE6XzmaMRJbrT_2NzhcdyW6A2Mj1DXlPfZUcc2XqZigEn5UxmziCPwX6kiNuHpjsFsoAtfeCQvHw4240EUM52N89x8y8WHGRo3MmOV6zbMyzoX2Y0ihCcIVd4d-RVNldOXWICc8oj1YZh9S8YZwpacmeEyJmwFczAxM7nK02GNdKrTzRaXfnmM9rHz0yU8yXyQSkHPWCgeVtolyeGN8GC8AzIu_kxjUgIe3WH3ewWJrdyzDrktK3pP0-z8dvYC2qYxRZvatpkYE77bYdHXAwz8iB7KOnoSB-ElG_VenLyHTN7n-jbo0mRf2_FuOvBgAqMre5xKN3H7mxVhwmr9bY-dZ3wajW8i3HnKQ0HvWiPGNbp_Gx4X51F53O-oSOCznS9Mufy8Txo5HT1EQ19pShrKEQsRTtKk81KA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqetZX6TDYr_IBf3i7_UPmN-iwArkj9KxXKeS4YiIAcCNtwEQASAAYLu-roPQCoIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAG91IjrA8gBCakCfWA6DVlQtD7gAgCoAwGqBPcBT9DB6bdKXH35cnICF2wFV7P8CHNsy003E8nsbsbkVUoGVa461pbC2OJF30GwdBYGeI1baVUXVurHHaxpyAOMeG4oFXscoMKQXQhm5mQXUwgJP6e_oQt-vHP0Jwr22hquD18iAQ9G1EZFnbyXxjV4p6abk1GOs5EGrNkhThuAOxCJQKgMRJMFakNNdMjdgsIWgKANFNxkh8FjhfHAXVsoZnlzP3BwPtWU1d6Mh9zErHfv8tZuS2bD_7wQYPciR6J7b3gorG-iRwVh15K86XRB93MRPCUhCa0HQgAGFX3WjXPqYzJhJ0Rt5IiWDRMDKXCh08PExM4klOAEAYAG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIz-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1zoljkdA-KQweL4tw6ifyt8asAnA%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 05 Jul 2022 02:39:34 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEHzWTzMgzgMwumL2eMSRDLU&google_cver=1&google_push=ARnp8GBgWr4TqQL6b2R-BoRqY6kyVvIiTymFRcAjhKJ3aeReNYm98IwFXuHkhgh27ngS8ag-zXSO20mADEpEainNAXWdX3Nqu6Th
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| admixerML object| adsbygoogle function| gtag object| dataLayer object| __gcse number| 2f1acc6c3a606b082e5eef5e54414ffb object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga undefined| debugScript string| vdo_analyticsID function| vdo_analytics function| logPixel object| requestObject function| logError object| w_vdo object| d_vdo object| vdo_ai_ function| _ object| animationLoad boolean| d2pLoaded object| AdSlotCollection function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| vdoHlsUrl function| vdo_ga function| initVdo boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| gaplugins object| gaData object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId object| admixerJSONP function| HELPER object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo number| googleNDT_ number| googleAltLoader object| hb_dmx_res object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| sas object| apntag object| _ADAGIO object| vttjs function| WebVTT function| vdo_videojs object| pbjs_vdoChunk object| pbjs_vdo object| mnet string| nobidVersion object| nobid string| vdo_lastLocation object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| M2I2MTllMmY5YzkzOWFjbG9hZGVyX2pz string| M2I2MTllMmY5YzkzOWFjY2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| closure_lm_953972 object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| default_ContributorIabTcfV2SignalJs function| __m0F0sJOg2G__ object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| closure_lm_944842 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 boolean| google_empty_script_included boolean| c7fcff09-c9a5-45d9-80bd-2586d4f35479 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ function| AdPlayerPro object| DMVAST function| playerPro object| GoogleGcLKhOms object| d2ppbjsChunk object| d2ppbjs object| google_image_requests

109 Cookies

Domain/Path Name / Value
run.admost.com/adx Name: golocc
Value: {'countryCode':'GB'__comma__'city':''}
run.admost.com/adx Name: sid
Value: 1fcf6e9f838
.subject.com.ua/ Name: _ga
Value: GA1.3.1145372659.1656988765
.subject.com.ua/ Name: _gid
Value: GA1.3.605402542.1656988765
.subject.com.ua/ Name: _gat_gtag_UA_113932176_39
Value: 1
subject.com.ua/ Name:
Value: store.test
.subject.com.ua/ Name: __gpi
Value: UID=00000833580fd4fc:T=1656988765:RT=1656988765:S=ALNI_Mbeqp_qurm1Lw2qRO059dZ5uWhgkg
subject.com.ua/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.subject.com.ua/ Name: _sharedID
Value: 6fbe9639-2af9-4a3d-a6d7-495dfdec5ea3
.adnxs.com/ Name: uuid2
Value: 2532584436606599527
.doubleclick.net/ Name: IDE
Value: AHWqTUlz1yxjJySZb7MRKrYaeZNYhf74oX_PVcFcSPznxLBancQV7DZsdcYR5bzwz98
.quantumdex.io/ Name: uid
Value: 42d21265-0570-4171-9bd2-d8d82dd20056
.youtube.com/ Name: YSC
Value: PcfeCGw6J-w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: pcR98IiDPi8
.casalemedia.com/ Name: CMPS
Value: 2527
.doubleclick.net/ Name: DSID
Value: NO_DATA
.prebid.a-mo.net/ Name: __amc
Value: 2_1656988765_1656988766
.casalemedia.com/ Name: CMID
Value: YsOkXqZha.1iGFYS-EfDlAAA
.casalemedia.com/ Name: CMPRO
Value: 2629
.subject.com.ua/ Name: __gads
Value: ID=1fb775364e7dbffd:T=1656988765:S=ALNI_MZchJsKGDgj5ZW6IaBSbjluH3n0qQ
.subject.com.ua/ Name: FCNEC
Value: [["AKsRol_QLsfWB00gJzjueXG7VxCBF4luyNfXSmVTuYL6o6KYctkj35pZH_gHjlHqI997deGxgXmxz_Lke1AUUCuVRLVsF55U6yZ7c4hgsNIZXWjSWVYPaIp2j9TkFiVIeBfcELFLN10Wx86fQisG-4l7vrsr7hB-Qw=="],null,[]]
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTynsUGV!]tdA8i_iqf!oN/@E'zz<*Z0QCi'FGbdM$QT/c>DT$WgUu]KKGW<@hV0n3cJ<QG=%9sk@3@'s>T.OzYW
.ads.avads.net/ Name: av-mid
Value: 0e62cb76-5ae7-41e5-b560-28a3aeb3bcee
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: bc693715-6236-4953-b7c5-2ff41293a030.426202767
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a6bdf7a2-c449-48bd-9f80-00a06f62024e-003%22%7D
.adform.net/ Name: uid
Value: 2175594504735143668
.ctnsnet.com/ Name: cid_2a24525bfbe54f6fb4b401e729d1a2c5
Value: 1
.ctnsnet.com/ Name: gid_CAESELhFA03yj6ZxIpHEAdha_vM
Value: 1
.simpli.fi/ Name: suid
Value: 767E77954A84485088CA923552782A67
.media.net/ Name: visitor-id
Value: 2999903674679076000V10
.media.net/ Name: data-g
Value: CAESEPZN2d0hqenv2gaM9x2zdBI~~3
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a6bdf7a2-c449-48bd-9f80-00a06f62024e-003%22%7D
.openx.net/ Name: i
Value: 4557dd01-f512-451d-b37d-af48dae97bb0|1656988767
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSMja3tDAzNja3MDI2NDY0MDEyEuIz1PUqLSw3jKrIdMlIMgYASaZAtSQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA129QuOKvcw8_YtLSusiC8oiSgMyQgrSwcA5hj_YR4AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSMja3tDAzNja3MDI2NDY0MDEyEuIz1PUqLSw3jKrIdMlIMgYASaZAtSQAAAA
m.exactag.com/ Name: exactag_new_gk
Value: 776938e5ab6742caac5201d5bc6870f8%7c03.09.2022+02%3a39%3a27
m.exactag.com/ Name: exactag_new_uk
Value: 66ad3f1226c54890bb2fedf397b0b60f%7c
m.exactag.com/ Name: session_session
Value: 88ef1534570249f2a7d0e76e
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e41e7169-e620-4f94-84df-b2d39addbc0b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTY5ODg3Njc7MjswMjFJIB+M4hFf5HPZyHq4J7ic/tJlPqYjRx/6J3huXCU3bA==
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2338:u=1:x=1:i=1656988767:t=1657075167:v=2:sig=AQG5a8zMx4X1b3giVJNVDKGqqfGMGMb4"
.adhigh.net/ Name: gi_u
Value: uslYABtjfAR1.AikABlGBzDoXdA
.spotxchange.com/ Name: audience
Value: b0c7f4b7-fc0b-11ec-9505-1fd522ee0206
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YsOkYAANx4Q2dQAj
.lijit.com/ Name: ljt_reader
Value: E7CfqGZHanM4f790Thm9zbEH
.yahoo.com/ Name: A3
Value: d=AQABBGCkw2ICEEtm0GqplJPDHVDgiGo-ZiwFEgEBAQH1xGLNYgAAAAAA_eMAAA&S=AQAAAvTFx7JSPN-kf6R-MGcxhNM
.turn.com/ Name: uid
Value: 3616262986304817475
.de17a.com/ Name: guid
Value: 1.6740047736227189082
ads.stickyadstv.com/ Name: UID
Value: f7911f195e6bbd741443bc9d40989e
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESELrGLHOpWGZzQv8UeN_Ms7o
ads.stickyadstv.com/ Name: sessionId
Value: 1694e2b74f76e79786b153e456488d
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2225F58E3A-ECF1-46EB-9071-E5E1888F93EA%22%7D
.360yield.com/ Name: tuuid
Value: 72e9f75c-48c8-45f2-9903-c1a759bf1aec
.360yield.com/ Name: tuuid_lu
Value: 1656988768
subject.com.ua/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-05T02%3A39%3A29%22%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~25u2:192w~25u2"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 36dcdb41-47c7-52ba-acba-af7cce790b1d
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.id5-sync.com/ Name: id5
Value: 39dd5d83-f565-436c-acc5-9eb02e5ecff9#1656988769097#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.betweendigital.com/ Name: ut
Value: YsOkYQAC0qg3xqu3GuHqPQCqE_KhpX8uL_x9DQ==
.casalemedia.com/ Name: CMST
Value: YsOkYWLDpGEA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0ADD142D-0EB6-46C3-A472-F998E442A896
.c.appier.net/ Name: _auid
Value: 79RX9znzBLSSH2RgYaTDYg
.c.appier.net/ Name: _gu
Value: CAESEMRLDO8FkLZevjw5d-SFx-I
.subject.com.ua/ Name: cto_bidid
Value: pA17EF84VDhiQ25BOVNqZFhUc1JVTjF3VkVhWm5SdiUyQmMzOW5YZiUyQkZqd0JBdnFRYU5UNXIlMkZFSjZBbVpMSjRpS3NXQnpGTTBIOU9GN2pxV0tteGZCR20xT1dHUSUzRCUzRA
.dyntrk.com/ Name: dyn_u
Value: 03030001_62c3a4616db6c
.quantserve.com/ Name: d
Value: EBgBDQHFJrjvsQA
.quantserve.com/ Name: mc
Value: 62c3a461-6e76d-66cb6-8ca02
.w55c.net/ Name: wfivefivec
Value: WgMfoYFY1O8ytj5
.w55c.net/ Name: matchcasale
Value: 5
.casalemedia.com/ Name: CMRUM3
Value: 4962c3a46105a0&b062c3a46105a0&5162c3a46105a0&2d62c3a46005a0CAESEAb11kvJe9n9xRHVqUtKm-s&1862c3a46105a0&c462c3a46105a00&0462c3a46127603616262986304817475&8362c3a46105a0&c362c3a46105a0&da62c3a4612760&1262c3a46105a0&2e62c3a46105a0&0362c3a46105a0&2762c3a4610b40&6f62c3a46105a0&ce62c3a46105a0&3962c3a46105a0&6962c3a46105a00&f162c3a46105a0&9c62c3a46105a0&2f62c3a46105a0&4062c3a46105a0&5a62c3a46105a0&3362c3a46105a0&2962c3a46105a0&1162c3a46105a0&e662c3a4612760&4162c3a46105a0&5862c3a46105a0&8262c3a461a8c0&be62c3a46105a0
.admost.com/ Name: tco
Value: "2022-07-05 05:39:29.408315754 +0300 +03 m=+18227371.069629083"
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA129QuOKvcw8_YtLSusiC8oiSgMyQgrSw_iNTQzNbO0sDA3M7cwNX7FiMr_hcS3tDQ2AAAy2_jQTQAAAA
.deepintent.com/ Name: CDIUSER
Value: di_8e63c4b0f36b4806aef34
.mathtag.com/ Name: uuid
Value: 8a4d62c3-a461-4100-b6b6-af8ebc141780
.company-target.com/ Name: tuuid
Value: a6bc78d5-d5e4-44cf-a11a-9f084b42a84e
.company-target.com/ Name: tuuid_lu
Value: 1656988769
.tribalfusion.com/ Name: ANON_ID
Value: aKnrAkxNeThBeZdwQMhExBcEOFwZbm8UrG09QbVjkrpwxGmq4DTcZcyiCylnWVrr7DrMd1UbKdEvxm0
.disqus.com/ Name: zeta-ssp-user-id
Value: ac7b08a9-d8be-ca37-d3c4-e3dcfe74077d
.casalemedia.com/ Name: CMTS
Value: 2370
.criteo.com/ Name: uid
Value: 25c65483-bd1b-4df3-8a86-8f89e9b72a05
.subject.com.ua/ Name: cto_bundle
Value: 0tzcVV9HdUJzZUFadmVEdTA1cEd5V2poaGxqcWVFOU13NjFNQkl2JTJCJTJCNnpqMjlqaXYzUDM0UmJLbzVpNmpJWnhIYTRxRnFyJTJGJTJCTXdueWJkYzc5SEQ0cG1GODVIZGtzS0tUYm8yQVhoOUlXZWF6bkdhWnZGNUIyNmFxWFlWcEtSTG9yYzdHMndiUzJGeGw0MVdzVGU3ZU9RWmN6QSUzRCUzRA
subject.com.ua/ Name: undefined
Value: %7B%22criteoId%22%3A%22pA17EF84VDhiQ25BOVNqZFhUc1JVTjF3VkVhWm5SdiUyQmMzOW5YZiUyQkZqd0JBdnFRYU5UNXIlMkZFSjZBbVpMSjRpS3NXQnpGTTBIOU9GN2pxV0tteGZCR20xT1dHUSUzRCUzRA%22%7D
.subject.com.ua/ Name: pubCommonId
Value: 4479f66b-ba2b-4aa3-af26-6284341b371c
.adnxs.com/ Name: icu
Value: ChgIjfJbEAoYAyADKAMw4MiOlgY4A0ADSAMKGQjx04ABEAoYASABKAEw5MiOlgY4AUABSAEQ5MiOlgYYAw..
.ads.pubmatic.com/ Name: KCCH
Value: YES
.otm-r.com/ Name: mpid
Value: NjJjM2E0NjQxNGYwZDYwMA==
.rubiconproject.com/ Name: khaos
Value: L57KBZFL-16-7FOQ
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3atc8Ix12C/6JvvWgC/Qcxgndhc+y7+ZAdY+/zvkQ2dJ/fNiLRMcUNc8eaUYYwigWHxUFRJZfD4YAXuoDlYL8AqYG1CpndbK8=
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 509968=4999839
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 757708406892076858
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500007100%3B%24ql%3DUnknown%3B%24qpc%3Dse1%3B%24qt%3D78_2531_70260t%3B%24dma%3D0&c=1&l=-1013026256&lo=-906521368&lt=637925855726643756&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500007100%3B%24ql%3DUnknown%3B%24qpc%3Dse1%3B%24qt%3D78_2531_70260t%3B%24dma%3D0

10 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://subject.com.ua/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://subject.com.ua' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.rfihub.com
a.tribalfusion.com
a.vdo.ai
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
ads.avads.net
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.yieldmo.com
adservice.google.ae
adservice.google.co.uk
adservice.google.com
adx.adform.net
analytics.vdo.ai
ap.lijit.com
api.eu.dev2pub.com
b1h.zemanta.com
b1sync.zemanta.com
bid.g.doubleclick.net
bidder.criteo.com
bttrack.com
c1.adform.net
casale-match.dotomi.com
cat.nl.eu.criteo.com
cdn.admixer.net
cdn.connectad.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
clients1.google.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
cs.media.net
cse.google.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
d.adroll.com
d5p.de17a.com
db3b905744625b15bb1141c655185bce.safeframe.googlesyndication.com
dclk-match.dotomi.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
gcm.ctnsnet.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
h5.vdo.ai
hbopenbid.pubmatic.com
hbx.media.net
i.connectad.io
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
m.exactag.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pbjs.e-planning.net
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
pubads.g.doubleclick.net
px.adhigh.net
px.ads.linkedin.com
r.turn.com
r5---sn-aigl6n7z.c.2mdn.net
rtb.adxpremium.services
rtb.fr.eu.criteo.com
rtb.openx.net
rtb2-useast.torchad.com
run.admost.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
serving.stat-rock.com
ssbsync.smartadserver.com
ssp.adriver.ru
ssp.disqus.com
ssp.otm-r.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
std.wpcdn.pl
subject.com.ua
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tag.eu.dev2pub.com
targeting.vdo.ai
tpc.googlesyndication.com
um.simpli.fi
um.wbtrk.net
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
hbopenbid.pubmatic.com
prebid.smilewanted.com
um.wbtrk.net
104.18.18.126
104.18.19.126
104.36.113.23
104.90.104.226
104.90.104.242
104.90.104.26
108.128.165.171
135.125.163.79
139.162.23.100
141.95.98.71
142.250.184.226
142.250.185.226
142.250.74.194
147.75.85.234
151.101.194.49
159.122.14.34
159.65.196.12
174.137.133.49
178.162.133.149
178.250.0.162
178.250.0.165
178.250.2.135
178.250.2.146
178.250.2.148
18.156.0.31
18.158.37.200
18.193.215.198
18.193.237.214
18.235.201.30
185.184.8.90
185.29.134.248
185.33.221.14
185.64.189.112
185.86.137.108
185.86.137.113
185.94.180.125
188.42.191.196
192.132.33.46
193.0.160.128
194.190.76.41
195.201.152.105
195.209.111.4
199.101.135.227
2001:678:cb4:bbbb::11
209.54.176.128
212.77.98.32
212.77.99.29
213.155.156.168
213.19.147.44
213.202.235.9
23.35.228.23
23.35.229.117
23.35.237.56
2600:1f18:1aca:4280:1331:3de6:525d:5ddb
2600:1f18:612b:4264:ca97:405b:dadb:b691
2600:9000:21f3:a600:6:b871:4f00:93a1
2600:9000:223f:4800:1b:5138:8a40:93a1
2600:9000:224a:ce00:8:48e:53c0:93a1
2600:9000:225e:5e00:11:a4de:2580:93a1
2602:803:c004:200::141
2604:9e00:1:129::2:a01
2606:4700:10::ac43:2ac9
2606:4700:10::ac43:8ae
2606:4700:20::681a:9a9
2606:4700:3038::6815:eb09
2606:4700:3038::6815:eb0a
2606:4700:4400::ac40:98f5
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700::6812:372
2606:4700::6813:ac6c
2607:f8b0:4001:c0f::5e
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::200e
2a00:1450:4014:80f::2002
2a00:1450:401f:3::b
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:fa8:8806:13::1370
2a03:90c0:41:2801::254
2a05:d018:d29:3605:c111:9aee:7bd3:6707
31.131.26.2
34.192.82.213
34.193.246.29
34.255.241.13
35.186.193.173
35.186.253.211
35.190.0.66
35.205.207.25
35.244.159.8
37.157.3.30
37.157.4.24
38.91.45.7
46.249.52.249
51.178.20.139
51.75.86.98
51.79.20.94
51.79.79.65
51.91.60.38
52.16.40.114
52.223.40.198
52.30.130.246
54.171.241.185
54.74.12.230
64.202.112.127
64.202.112.223
64.233.166.155
66.155.71.25
72.251.245.179
72.251.249.13
84.17.46.54
004dfef0578a10ad4309cdf6431d4b74e904f11b5836f3920d9afb8e449c4b39
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
024bc9124560f00b84ad3d590e757ee1d0624bdc56f04ec16061bca327036aae
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0470eab6e59dc578a34653d71dba2e9e3e47a2c63f1d292a9d987aad2af4966d
04b4d4105ce4479cc23d28d8adabeff167c8a3450f8ceec95fc24177f4e33c18
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
071404725633a55031a90aac1b637158dd67b9ab9f140100d22f8e69f9fdaed2
071dc20e06959975ff8f1cdd8495247ee85c6dc3616cb494446a0c5457517c1d
08636323995f6c36f9b860849371a1430e50e239aef09b456cab19aa79756e57
08a0c4f341c2cc8380d5b113b42913e20b33a089c287d2c2259deadb4a2cca07
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a3d696dffca48ce8b54b1750ba72045e9f1f6221a634356409491c66d6943a3
0a5fd4b317139a2cde5a11d5d21b6ca4c19dd6ac246784995b57c9264abdee98
0b2423966cb2c05af92cfb4f27e563a6b7c9e47bd510b6ef1fcd5c86a7a90a7d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9d71929cec28c4265975fbab37e6864dea67957b1f8c5b1635d5d9998950b1
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dccfb1620a4db7c8e5d1e3e09a8cc5a690ab6dd1d72f562a2a51cb2940a02a8
1267053f2b37e1929526550215621883787b4a2250a27c8655df8d43a9ca99ba
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
13b6769a5624a39948c1533d285718ccc8188bfe723589082b6fea34786c434d
13de32ec960c3a7e900b2701b494603dd3d78cb8985cfba045a0a9dddd9744f9
146bf0a1dc3487c76d22ace07fdf3c668f7111c5eb4167d203d22643827b7287
156a89db96532096793f7211ea80e871a260de5416be71883362fd6305a434cb
1758268a169457ec7c2601d5c148715d5442a9cf20a465ff05b42cc556aa2259
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e01eba7742b866de79403a3b3f762666d0524d16687161ecb1666fbd29e899
18fea670d670246cb871f9c979342ea1934c586df53614fdf775a9e65e2e4518
19b577be1d11d31c8258405065228dcae313b1d57fe16cd8ec7527048e9365db
1a807eae95f94ba3ce98774b366b04a066ba392cf9f9906ecd10d734077ac5c4
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1c19298ec3c455c4d34d0deee7557baf5ce1f2d64f8f8943bb8c0145aad3bbb2
1dcc19a687ab2dc6db2b4f022a18c9428e4bdb903e695a5d54c1aad2984029f9
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fe0d4888178da26fc6a3dc378b284c71ee2d841994f08f6d2da87c562c458a4
22241fdf7e5d74dbba137a54493600ddeea31c80c829e46d7a90342ca8627b2b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2412e102b54af446e952d05dd3e5890bd0baa7e5987115e166b54d977d9f37e3
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2a55dc58c4d39a4ac4eddf8781618150bcec280f0515832d4c01719d946d8329
2a6013662acabfedbe9e84ddcf9d8569dd9a31dae23ab5f80c18ae0650929fd9
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2c837ac7b2c917ebd9f561133f58f2fb595c37bf1ea1b2733bc93ce1a5b4db6b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6e7ea921346d30b5698d444f235bed87a5a5e4f2fb174b6b1de95bf32b222e
31bd188853351de4ffb30073a5a1823c873b348631fc936268c9100c3abea6fa
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
32d799564052a88013ec97af2ac28cb5b5132d00c62fa3acd8a4732e7ddede24
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
36eb0e0d0a38e5fb99dbf3b081d4b9ea8aa5822b846047c6dc524fa014788418
374ce995ef52797d2b54db25c71f26e92418b1c91615fbe91404fe6d41967e4b
3921d22e340021189f986befdb097d34a4d1142b3c0a2565ef53f5d0971c1748
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ed193be1d15265678137ca886ffb7bdc7d963232001bf1886e8dace9b3c3b03
3f40592488e9d1e2f71142e473e9978d04ccb007db7587cfb43057b3a1ce2003
40eda45fe4c8ac3e02ba22f5a611ea7fd75c356488fc42bfa73d7e333df50af2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4ab0e6df27ae3fe0f509000e3d73db82fd24ff5ae10155e41e660d6dd3491943
4adc34e943aed7192fdbf71e93bc7c7e3281d121e86eb3150b77245da45f5a39
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc560334638100408afb5bc01e7fbc38e01e0c517b1bfd543c489d9cbdc8cff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bf721536ae489bd3d0d2e84a76afb7b19650218c8b3c4e9648f260a4ee9e0d
54c2e38fc1eb07a52ed9511df418fa514b7ebf4c6a426dbd8a661472572e1d07
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55df4e1176549ff382928e1124034d576c028fd75c2d08907a4905aeda9af805
55f56026d86468db4135723445d1df3498809ce536fa7a518b2847d7e6a27a96
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
5925b6ce61e16911c4704a187063891abae9e8096841ac9ca4bb9b5a11c8a217
59f538b98b390530332e4377ce38fda8d639c09219681852731d89966fba299c
5d45cf81d4cd2920ebb16eb19db47895f93140e84b3273fe9d798af6f1a8d1cc
5e5645a6fb948eb0f445dd91ebeb9b353938b82c80b5a4778f4406136a8ea18e
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5e6345c14a6d04f0ce2cef1b3c110dd9a3ba4ac47a2c11486feb7ba2b2c66d55
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f941f769954b82b40e182fe9e49ff7269e6c39e2622089b71462bc45deda0d
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6266084a52a1a323e230f023c52a34dec272620f00f2468ace6ef10a090948a6
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
6482fabea16c1ee1b3760921888758f279eaccc47fe8563f0c10dccc5752d333
662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6642d84d3a35e0afb73e52a48164c3813939ddf62cc1f29a743f2272382f0696
6662f56724b20e34f24fc6022461d4f2aab396edc20d088da9b4edb0d03f7f4f
67f26bc9668b3122c7e7c8c75e3748597ab4a9623036eaf3a8b60e53afef276a
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cec2ee8aca9d793478470efb93ecf9b897a597e196d970efaa101e0d18ce92c
6e9a215d72b5105fc59f0aa58bf802509b7c0d004e16e11c1d8698abe246b193
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2
7108163c3afcc4ab95a0b543c485b8697129dc956a29e09103fdd9192b991496
710bf3b3a54e164c3bde1c64dd239d2e8cafb6277fecfcfff4bda901d81d377b
71e56ba1151fc6fd2f518785ef40441c7f5dab85b6dbb3e809b63e88597bdc3d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
78471dab945b59d358db49aaa00518f843820e961dd291e7d3ce7127265134e8
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
794a9e925e80c242e70e27652df3f96be3283c7fea92d139d119713802f46be8
7e57576d3a898b1cbbf87c46245a0272d8134ad3efba26f4664f91483f6988f8
7ff5c9d7e49415ffeeeddff81bdfad825451eeef09e1c2c4ee13ea46f16cff02
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
806f20a10c504fd26c743dca9b1ec6e4967e5265e35d9358c7e0f78d96ff4377
8318addea8dc98b34232112ba1b5e29751cfeb8c8ac76b61570e2b7c840bef1a
832c2367a5a0b8b162e1d78f0a6cbbf7cfb30ed67ef8d16da733a97d6094f7d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836af53447290f759fcedf2d9dedd5f7f9d556505a23f8d7b812f425fe4a0421
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
855141b72447ad59625d3b45984ff3c1e829eb5a15bd5bc0da1f8f7263349a2f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b441b2a9558e2a5fabec71de00959128e85b1292f2211f84cb30a52a7f3f270
8bae5fdebbf3eb7ff15fdf90b283afc0b345d3cd37df9fa0e3e0e3166de34180
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
8e4c75bc1ec08f6057d423247f6d2fe9f7b76cc5184c6eeefa1b239d22096354
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0
8f550214ade3d7fb0e99b8addf73e82acd22c990eaa82b9c7fbe65e8e81116e7
9016147cc4ea6ea49172fe940fc7beadeee7d2dcc0e752c5cbe5a2ec76cfe1cb
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91d7a8383414f65a849e087a7abcdd6c922159112e83e50f58365ffa6d360014
91ef8166c2ff080dd811e40848305898e75cb74aaa0a02b3262239cbd55fd1ab
9319cb4af53d49e9dfaf627048b9c09584bae2798dbf5996db792476d86e87f6
936a87120ddbcda13815561f58e4f45294e8c49939b645adac52704346e4777c
9472cd52932b3f1b59130879dcee9dec0795ff30da99d22c3fb708086705f116
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac59bf2ef1bcff84c51376f56f9a50de1e13f10525ffa8f2864c30b077e11e4
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9b9d866b7fa495bfba4c09b8a73dd7b0253c04d739a810bc557fb6b3d051ed2c
9c473141dc73a49904c72500d32938b78834be5772b6dc7ac5a65f48bcc809f3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a170822e6eff5c303f730f469bd1fd94ea9789505eab4541b9a1c2e48854fa53
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a340a6a97453434cf3b78861f253a28133dea87d8f157dd791b6dd2a8c7ac558
a43ae50be81a393bb0611779e3a14c0a7a791e480ef713585de7f10dcbb4bb9b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9bbd2a6bef97cea6bef5814fc9762f4ec9be1e58c4c8073c5cc6fc07a947fb8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
aba363da63c154691250d5daa4dfa09d2b026bd99245c76e64031390dc6609bb
ac15f8b0203ec1716d5f6582a32002effea867e56808a08901c7ea26c2e3348d
aca4b5ab1c4916c0e2a1a42b600a4192a2f2b46c816af60ad14b0b39d7f3e986
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad42e83d93190ee8fd75d4e430ffc4449e946cf63908953f83eb1a8901809306
af76c748f675285a305ca6d94d1ceb6773dc7b58b16c7be230a110a50f0f65a3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14768fcdee89f4f1239f1f013a3fed89394d7d17c99c191ab6271efa380ee40
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b56278b5b50883eda39fe40fccdebe7c21e688ffb286f77e956779a8f82c2765
b5d91e83633543543de8c95bfd761fecca7d2d05dcdf7eef526e75a8139a93b3
b5dcf4aad520bb2b3a08a85bdeff452b1550ccd9bd297c578607019f895b38ef
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
ba17f23f1ce7efd38a398bb6b6e8dab40e970965a2a1013229590d8624386b39
bb829740f5144dc6316965aabd9d9eb695fea80a3f7ff3dece65a325ebd5a4bf
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ec1d1a24341f75c3de87b40a90cb16c8a36763a4c07f363e8aa4f4a5d8eb39
c69d94ce6df5eb525a6281c43a1523a7f25feeeda2b25e56cefc569664753494
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
caba67500a5d68e55bcb810bee178e47ba0bfe151784ce4f246e3ff484f84ca7
cb326ea58d9ecbfd533ab216aea0934feeeffc4e46862f152a6f5a5d2a35d974
cbc09799090373dabd4bdd3cfb8470dae9424795d12d6936eabbc23039a7328b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d245e82258fa0cbdc3d1cdd87f32d91f7e0ed0a84da6fe8ab32020efb72f495e
d26cc52139807b8f228d2b56eef13b338eb10b05c9f6b844260b30ffad8fee2a
d6b295c72920882cdfd361e537554d94add26762b96eb408afee7badaaf17a3a
d6babea0ece2c83d3f48544adedeb793677c6ea20343cd6971b608bc8cab571f
d6c8b4aac5dcdf5143c84aecf95492c462aed75d12ba2ed897417a7d3117d729
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd506dae155552292b0a774d4d5405aa383640a5f391c505ad41348a98a754d8
dda30ba7e80bbabbcc06f0de349c08c4ba46e1745685e382b0b968cc28f7838e
ddbc9719c72a462df357c3a5209f268d45cd45cc7270c682ebf5724c97cb7364
de4cb3c01a0eb8c8ea1a4d49839cfdcc15a10503da18dca680d5d49705d732cd
e0af59e40d490c923fc7e675b310d9d34470e48d01bf53b349f0c8f510ec649a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1963b2e32967eb1f725a8d8e2856f4deb72895a289020b9f5b8e5b5bb6433a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e42b37d53e6a4c4600b32310d7d357b74c37058c1a21aac635bdee2aee021d46
e48238a516948e058018923ebde7cc8af0732af5650d65348c7f716a5f45e136
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e81c6df8730a4d1bb72cf74ed5c5bf440505ad49041e9eabbf943a365be7e9b8
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9888041e2a27f0cab4ecc709a22cb28996aaa1504e83d879afbec0c8b1ad50a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed2fd2a10dbd3dd732faf98e27d993116bc233e5da8c1032cb93b4238873cf83
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe8f232291b3ef2a18f647e542c85123f12ea046bf8e0ceeee518cc00f47218
f2ead0f81b0dffcb4d83c4ec82c47126a88144870f59ca61598efacbe5805e70
f38cb6b8fb33adfdb27f4d65750c7147b9e81df52d80abd22d0ccff3cf1a02e0
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f6b7451606fdcda3eb923c2e26b7f46f2ae959ea6b035204660d1c7714cad9cd
fa09166f32bdf4b9a701031a48aeeabcdc14f275f81e5af1fe3cbe27410de246
fbeeeddcdfdcb5659d9eb9f825c7f2491be4ff8fb18fe098ad93376959170739
fc3098b1038bd0775c25e0de1839ef26063716bae22a95354f9a61425551c1f1
fc9a1e41bfcaa09345ca316d5da548632892354bf40b4b3ba69b5a21d40fff4a
fd41ee4788f6111d1002498276bee3a0f2f322e9f59af4f08bd2ab5256a719ed
fed7eec9f4ea4a819a1c8481108a1bf49a7815f4349dd0a8804d488d873163a0
ffcb552e7b05e9823b6762c57fb2df8d2eb56415a7ecb0242eb9477b1a6d7971