urlscan.io logo urlscan.io
SecurityTrails logo

www.buhoblik.org.ua Open in urlscan Pro
2a06:6440:0:2d02::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://buhoblik.org.ua/
Effective URL: https://www.buhoblik.org.ua/
Submission: On February 25 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 18 countries across 122 domains to perform 382 HTTP transactions. The main IP is 2a06:6440:0:2d02::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.buhoblik.org.ua.
TLS certificate: Issued by R3 on February 5th 2022. Valid for: 3 months.
This is the only time www.buhoblik.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 2a06:6440:0:2... 200000 (UKRAINE-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
10 2a03:90c0:41:... 199524 (GCORE)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 95.216.186.40 24940 (HETZNER-AS)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:7a60:0:1... 200000 (UKRAINE-AS)
10 95.163.114.204 12695 (DINET-AS)
1 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 11 146.0.227.110 20773 (GODADDY)
2 3 146.59.18.237 16276 (OVH)
1 3 185.184.8.65 204995 (RTB-HOUSE...)
3 2a0c:5c81:513... 55081 (24SHELLS)
5 6 18.195.234.70 16509 (AMAZON-02)
2 2 193.232.148.140 48061 (UMA-TECH-AS)
1 216.52.2.19 30282 (AS-INAPCD...)
2 193.200.65.6 6681 (GIVEME-CLOUD)
5 9 2.18.234.21 16625 (AKAMAI-AS)
1 2 194.247.175.26 196831 (BEMOBILE-AS)
1 1 80.64.106.152 20764 (RASCOM-AS...)
2 2 96.46.183.20 7979 (SERVERS-COM)
1 2 88.198.31.232 24940 (HETZNER-AS)
2 37.18.16.21 205675 (HYBRID-AS)
2 2 81.222.128.14 20597 (ELTEL-AS)
12 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:1::11 44788 (ASN-CRITE...)
2 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 46.249.52.248 50673 (SERVERIUS-AS)
1 67.202.105.34 32748 (STEADFAST)
2 2 23.88.75.187 24940 (HETZNER-AS)
2 13 62.149.0.72 15497 (COLOCALL ...)
2 51.89.9.251 16276 (OVH)
2 3 35.227.252.103 15169 (GOOGLE)
2 2 34.248.69.2 16509 (AMAZON-02)
1 193.200.65.5 6681 (GIVEME-CLOUD)
4 5 185.33.221.88 29990 (ASN-APPNEX)
1 72.251.249.9 29791 (VOXEL-DOT...)
21 2a02:2638::3 44788 (ASN-CRITE...)
3 178.250.2.148 44788 (ASN-CRITE...)
5 178.250.0.162 44788 (ASN-CRITE...)
4 2.18.233.180 16625 (AKAMAI-AS)
2 6 23.37.42.132 16625 (AKAMAI-AS)
3 4 66.155.71.25 13768 (COGECO-PEER1)
4 5 54.78.254.47 16509 (AMAZON-02)
8 9 35.227.248.159 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
10 178.250.0.139 44788 (ASN-CRITE...)
1 1 66.155.71.150 13768 (COGECO-PEER1)
4 46.249.52.249 50673 (SERVERIUS-AS)
4 8 3.228.116.73 14618 (AMAZON-AES)
2 5.178.65.252 50673 (SERVERIUS-AS)
1 3 168.119.79.223 24940 (HETZNER-AS)
3 2600:9000:215... 16509 (AMAZON-02)
1 2 37.157.3.28 198622 (ADFORM)
1 205.234.175.175 30081 (CACHENETW...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
4 198.47.127.19 62713 (AS-PUBMATIC)
8 10 142.250.186.130 15169 (GOOGLE)
1 2 37.157.4.28 198622 (ADFORM)
6 7 35.71.131.137 16509 (AMAZON-02)
1 2 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 3 54.76.200.156 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.104 24961 (MYLOC-AS ...)
3 7 52.30.140.199 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.193.91.79 16509 (AMAZON-02)
2 52.214.30.104 16509 (AMAZON-02)
2 4 151.101.2.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 34.195.210.70 14618 (AMAZON-AES)
1 2 52.94.222.140 16509 (AMAZON-02)
2 104.111.215.191 16625 (AKAMAI-AS)
1 1 34.246.50.75 16509 (AMAZON-02)
1 13 3.122.33.49 16509 (AMAZON-02)
1 2 209.54.180.3 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 54.236.185.42 14618 (AMAZON-AES)
2 3 104.111.242.53 16625 (AKAMAI-AS)
3 4 37.157.4.24 198622 (ADFORM)
1 2 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.184 1299 (TWELVE99 ...)
7 185.64.189.110 62713 (AS-PUBMATIC)
3 3 185.29.132.241 30419 (MEDIAMATH...)
15 185.64.190.80 62713 (AS-PUBMATIC)
1 1 44.193.191.16 14618 (AMAZON-AES)
2 3 52.213.253.251 16509 (AMAZON-02)
1 5.161.47.120 213230 (HETZNER-C...)
1 63.251.232.165 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
4 4 213.19.147.45 3356 (LEVEL3)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 94.23.73.243 16276 (OVH)
2 198.47.127.20 62713 (AS-PUBMATIC)
4 4 15.235.15.221 16276 (OVH)
1 2 169.50.137.182 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 37.252.172.249 29990 (ASN-APPNEX)
2 69.173.144.139 26667 (RUBICONPR...)
3 7 2a02:6b8::1:119 208722 (YNDX)
1 143.204.98.111 16509 (AMAZON-02)
1 212.83.160.162 12876 (Online SAS)
1 62.109.14.161 29182 (THEFIRST-AS)
1 92.63.105.49 29182 (THEFIRST-AS)
5 95.217.109.66 24940 (HETZNER-AS)
1 217.197.112.80 20655 (E-STYLEIS...)
2 69.173.144.165 26667 (RUBICONPR...)
1 1 194.213.62.34 13036 (TMOBILE-)
2 17 104.111.216.213 16625 (AKAMAI-AS)
1 1 104.111.245.23 16625 (AKAMAI-AS)
2 87.240.190.78 47541 (VKONTAKTE...)
2 184.30.24.193 16625 (AKAMAI-AS)
2 94.100.180.54 47764 (MAILRU-AS...)
1 1 185.33.221.186 29990 (ASN-APPNEX)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 3 3.124.210.90 16509 (AMAZON-02)
3 95.217.86.150 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 3.120.18.167 16509 (AMAZON-02)
2 2 35.158.245.151 16509 (AMAZON-02)
1 38.27.122.158 174 (COGENT-174)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 63.33.153.210 16509 (AMAZON-02)
1 1 52.203.60.58 14618 (AMAZON-AES)
1 1 88.212.201.198 39134 (UNITEDNET)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 77.95.131.196 43226 (SAFEDATA ...)
382 110
11    2a06:6440:0:2d02::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
buhoblik.org.ua
www.buhoblik.org.ua
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com.ua
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
6    95.216.186.40 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de
xn--r1a.website
tttttt.me
tlgr.org
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:7a60:0:109e::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
avto-oblik.com.ua
10    95.163.114.204 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)
w.uptolike.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
11    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
3    146.59.18.237 (France)

ASN16276 (OVH, FR)
PTR: vps-a61777d5.vps.ovh.net
a4p.adpartner.pro
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
3    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
s.console.adtarget.com.tr
6    18.195.234.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-234-70.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    193.232.148.140 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.sender.ltmse.com
px.adhigh.net
1    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
2    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
1    80.64.106.152 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru
admixer-sync.rutarget.ru
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    88.198.31.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.31.232.clients.your-server.de
exchange.buzzoola.com
2    37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    81.222.128.14 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad4.adriver.ru
ad.adriver.ru
12    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
2    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
13    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    34.248.69.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-69-2.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
5    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
21    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
5    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
loadeu.exelator.com
loada.exelator.com
9    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
4    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
8    3.228.116.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-116-73.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.252 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
3    2600:9000:2156:7800:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
17    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f606:2bad:1cf:7b7b:1af (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:5899:3097:1c05:cac7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    54.76.200.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-200-156.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.104 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
7    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.193.91.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-91-79.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    52.214.30.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-30-104.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    34.195.210.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-210-70.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.246.50.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-50-75.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
13    3.122.33.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    54.236.185.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-185-42.compute-1.amazonaws.com
sync.extend.tv
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
4    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
15    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    44.193.191.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    52.213.253.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-253-251.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    5.161.47.120 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
4    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    94.23.73.243 (Lisbon, Portugal)

ASN16276 (OVH, FR)
PTR: ip243.ip-94-23-73.eu
green.erne.co
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2a05:d018:d29:3602:550:4075:c055:f9b4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
1    143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net
tags.crwdcntrl.net
1    212.83.160.162 (France)

ASN12876 (Online SAS, FR)
PTR: 212-83-160-162.rev.poneytelecom.eu
js.cookieless-data.com
1    62.109.14.161 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1007.ru
jaclick.ru
1    92.63.105.49 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1010.ru
grsync.ru
5    95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de
static.tnsis.ru
umagnet.ru
cdn3.caltat.com
1    217.197.112.80 (Moscow, Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru
af.click.ru
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
1    194.213.62.34 (Hrabuvka, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid3.ibillboard.com
bbnaut.ibillboard.com
17    104.111.216.213 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com
s.click.aliexpress.com
www.aliexpress.com
m.aliexpress.com
assets.alicdn.com
mbest.aliexpress.com
1    104.111.245.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-23.deploy.static.akamaitechnologies.com
sale.aliexpress.com
2    87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com
vk.com
2    184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com
api.pinterest.com
2    94.100.180.54 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru
connect.mail.ru
1    185.33.221.186 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 878.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu
tracking.m6r.eu
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
3    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
ps.eyeota.net
3    95.217.86.150 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de
sonar.semantiqo.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    3.120.18.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-18-167.eu-central-1.compute.amazonaws.com
docker.creative-serving.com
2    35.158.245.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-245-151.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    38.27.122.158 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Viby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    63.33.153.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-153-210.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    52.203.60.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-60-58.compute-1.amazonaws.com
sync.ipredictive.com
1    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
3    77.95.131.196 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
intercollectcontact.ru
Apex Domain
Subdomains		 Transfer
36 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
csm.eu.criteo.net — Cisco Umbrella Rank: 7893
pix.eu.criteo.net — Cisco Umbrella Rank: 7678
833 KB
35 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
image6.pubmatic.com — Cisco Umbrella Rank: 582
image2.pubmatic.com — Cisco Umbrella Rank: 752
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 738
simage4.pubmatic.com — Cisco Umbrella Rank: 1024
aud.pubmatic.com — Cisco Umbrella Rank: 3815
48 KB
21 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44426
inv-nets.admixer.net — Cisco Umbrella Rank: 2092
203 KB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
65 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
339 KB
17 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
5 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7241
ih.adscale.de — Cisco Umbrella Rank: 4945
17 KB
15 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 4300
sync.adtelligent.com — Cisco Umbrella Rank: 2421
8 KB
12 alicdn.com
assets.alicdn.com — Cisco Umbrella Rank: 11062
ae01.alicdn.com Failed
173 KB
11 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 7942
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14241
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12444
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9904
dis.criteo.com — Cisco Umbrella Rank: 619
111 KB
11 buhoblik.org.ua
buhoblik.org.ua
www.buhoblik.org.ua
231 KB
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
eus.rubiconproject.com — Cisco Umbrella Rank: 512
token.rubiconproject.com — Cisco Umbrella Rank: 593
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2038
22 KB
10 uptolike.com
w.uptolike.com — Cisco Umbrella Rank: 116044
73 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
4 KB
9 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3099
u-ams02.e-planning.net — Cisco Umbrella Rank: 51355
s.e-planning.net — Cisco Umbrella Rank: 4802
i.e-planning.net — Cisco Umbrella Rank: 4860
4 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
ssum.casalemedia.com — Cisco Umbrella Rank: 1125
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
10 KB
8 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 629
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
tags.crwdcntrl.net — Cisco Umbrella Rank: 2036
15 KB
8 adform.net
cm.adform.net — Cisco Umbrella Rank: 1576
dmp.adform.net — Cisco Umbrella Rank: 2002
c1.adform.net — Cisco Umbrella Rank: 529
track.adform.net — Cisco Umbrella Rank: 3678
3 KB
8 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2683
11 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
3 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
adscale-emea.adnxs.com — Cisco Umbrella Rank: 16741
5 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
91 KB
6 aliexpress.com
s.click.aliexpress.com — Cisco Umbrella Rank: 23127
sale.aliexpress.com — Cisco Umbrella Rank: 33325
www.aliexpress.com — Cisco Umbrella Rank: 21026
m.aliexpress.com — Cisco Umbrella Rank: 36515
mbest.aliexpress.com — Cisco Umbrella Rank: 132669
acs.aliexpress.com Failed
13 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
3 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 28275
2 KB
5 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 891
loadeu.exelator.com — Cisco Umbrella Rank: 6812
loada.exelator.com — Cisco Umbrella Rank: 20824
3 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
pixel.sitescout.com — Cisco Umbrella Rank: 2837
3 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1400
2 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1361
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
3 KB
4 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1050
sync.mathtag.com — Cisco Umbrella Rank: 387
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
779 B
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
3 KB
4 tlgr.org
tlgr.org
37 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
153 KB
3 intercollectcontact.ru
intercollectcontact.ru — Cisco Umbrella Rank: 299791
3 KB
3 semantiqo.com
sonar.semantiqo.com — Cisco Umbrella Rank: 54674
8 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 845
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 480
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 789
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
d.turn.com — Cisco Umbrella Rank: 754
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 371
usermatch.krxd.net — Cisco Umbrella Rank: 981
942 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
2 KB
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 571
match.taboola.com — Cisco Umbrella Rank: 1834
610 B
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1515
744 B
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1330
598 B
3 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 104816
t.trafmag.com — Cisco Umbrella Rank: 6501
1 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5927
creativecdn.com — Cisco Umbrella Rank: 585
us.creativecdn.com Failed
859 B
3 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 53119
4 KB
3 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 236
www.google-analytics.com — Cisco Umbrella Rank: 31 Failed
37 KB
2 caltat.com
cdn3.caltat.com — Cisco Umbrella Rank: 148872
964 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1051
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3352
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
1 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 11465
1 KB
2 mail.ru
connect.mail.ru — Cisco Umbrella Rank: 55919
1 KB
2 pinterest.com
api.pinterest.com — Cisco Umbrella Rank: 2494
776 B
2 vk.com
vk.com — Cisco Umbrella Rank: 5435
957 B
2 umagnet.ru
umagnet.ru — Cisco Umbrella Rank: 203238
113 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2932
50 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4441
634 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 425
529 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23557
674 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 977
793 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
10 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 621
657 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865
2 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 911
415 B
2 adriver.ru
ad.adriver.ru — Cisco Umbrella Rank: 23572
1 KB
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 6079
475 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 22253
543 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1448
1 KB
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 88852
468 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 696
ap.lijit.com — Cisco Umbrella Rank: 598
625 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11262
871 B
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8633
332 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 882
522 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 978
209 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1320
114 B
1 creative-serving.com
docker.creative-serving.com — Cisco Umbrella Rank: 4314
475 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 807
44 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 17653
550 B
1 click.ru
af.click.ru — Cisco Umbrella Rank: 147280
865 B
1 tnsis.ru
static.tnsis.ru — Cisco Umbrella Rank: 135030
499 B
1 grsync.ru
grsync.ru — Cisco Umbrella Rank: 147565
4 KB
1 jaclick.ru
jaclick.ru — Cisco Umbrella Rank: 147145
319 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 4583
535 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3101
465 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2481
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2152
534 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2604
264 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 374
538 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 12245
328 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1613
891 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 821
535 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 4797
277 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1259
408 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5066
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
621 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1410
546 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 160499
214 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
381 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19441
335 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 125516
659 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 9578
411 B
1 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5930
sync.console.adtarget.com.tr Failed
1 KB
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4079
1 rutarget.ru
admixer-sync.rutarget.ru — Cisco Umbrella Rank: 93555
288 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 59
549 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 741
646 B
1 avto-oblik.com.ua
avto-oblik.com.ua
72 KB
1 tttttt.me
tttttt.me
2 KB
1 xn--r1a.website
xn--r1a.website — Cisco Umbrella Rank: 868167
462 B
1 google.com.ua
www.google.com.ua — Cisco Umbrella Rank: 15661
324 B
0 Failed
function sub() { [native code] }. Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
0 spotim.market Failed
sync.spotim.market Failed
382 122
Domain Requested by
21 static.criteo.net ads.eu.criteo.com
15 simage2.pubmatic.com ads.pubmatic.com
s.adtelligent.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 mwzeom.zeotap.com ads.us.e-planning.net
s.adtelligent.com
13 sync.adtelligent.com 2 redirects s.adtelligent.com
ads.pubmatic.com
ads.us.e-planning.net
12 assets.alicdn.com m.aliexpress.com
assets.alicdn.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
11 inv-nets.admixer.net 1 redirects cdn.admixer.net
www.buhoblik.org.ua
10 cm.g.doubleclick.net 8 redirects spl.zeotap.com
ssum.casalemedia.com
10 pix.eu.criteo.net ads.eu.criteo.com
10 w.uptolike.com www.buhoblik.org.ua
w.uptolike.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 cdn.admixer.net www.buhoblik.org.ua
cdn.admixer.net
9 pixel.tapad.com 8 redirects ads.us.e-planning.net
9 www.buhoblik.org.ua www.buhoblik.org.ua
8 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
7 image2.pubmatic.com ads.pubmatic.com
7 match.adsrvr.org 6 redirects ssum.casalemedia.com
6 x.bidswitch.net 5 redirects ssum.casalemedia.com
6 pagead2.googlesyndication.com www.buhoblik.org.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
5 mc.yandex.com 2 redirects www.buhoblik.org.ua
5 fonts.gstatic.com fonts.googleapis.com
5 csm.eu.criteo.net ads.eu.criteo.com
5 ib.adnxs.com 4 redirects spl.zeotap.com
4 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
4 pixel.onaudience.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 sync-tm.everesttech.net 2 redirects spl.zeotap.com
ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
4 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
ads.pubmatic.com
4 tlgr.org tttttt.me
tlgr.org
4 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
4 pixel-sync.sitescout.com 3 redirects bcp.crwdcntrl.net
4 eus.rubiconproject.com s.adtelligent.com
ads.us.e-planning.net
eus.rubiconproject.com
4 ads.pubmatic.com s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
ads.pubmatic.com
4 fonts.googleapis.com googleads.g.doubleclick.net
tttttt.me
cdnjs.cloudflare.com
4 www.googletagservices.com googleads.g.doubleclick.net
3 intercollectcontact.ru cdn3.caltat.com
intercollectcontact.ru
3 sonar.semantiqo.com umagnet.ru
sonar.semantiqo.com
www.buhoblik.org.ua
3 ps.eyeota.net 1 redirects s.adtelligent.com
3 sync.1rx.io 3 redirects
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 dpm.demdex.net 2 redirects bcp.crwdcntrl.net
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 cat.nl.eu.criteo.com ads.eu.criteo.com
3 rtb.openx.net 2 redirects ads.us.e-planning.net
3 ads.eu.criteo.com googleads.g.doubleclick.net
3 ssum-sec.casalemedia.com 3 redirects
3 a4p.adpartner.pro 2 redirects cdn.admixer.net
2 cdn3.caltat.com umagnet.ru
2 uipglob.semasio.net 1 redirects s.adtelligent.com
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 tracking.m6r.eu 2 redirects
2 connect.mail.ru w.uptolike.com
2 api.pinterest.com w.uptolike.com
2 vk.com w.uptolike.com
2 m.aliexpress.com grsync.ru
m.aliexpress.com
2 umagnet.ru static.tnsis.ru
umagnet.ru
2 mc.yandex.ru 1 redirects w.uptolike.com
2 token.rubiconproject.com eus.rubiconproject.com
2 ups.analytics.yahoo.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 ad.turn.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 tags.bluekai.com spl.zeotap.com
bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 loadm.exelator.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ad.360yield.com 2 redirects
2 onetag-sys.com s.adtelligent.com
ads.us.e-planning.net
2 csync.loopme.me 2 redirects
2 ads.us.e-planning.net 1 redirects s.adtelligent.com
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 ad.adriver.ru 2 redirects
2 dm.hybrid.ai www.buhoblik.org.ua
s.adtelligent.com
2 exchange.buzzoola.com 1 redirects www.buhoblik.org.ua
2 ads.betweendigital.com 2 redirects
2 pa.tns-ua.com 1 redirects www.buhoblik.org.ua
2 m.trafmag.com www.buhoblik.org.ua
2 creativecdn.com 1 redirects www.buhoblik.org.ua
2 px.adhigh.net 2 redirects
2 s.adtelligent.com inv-nets.admixer.net
s.adtelligent.com
2 ssl.google-analytics.com www.buhoblik.org.ua
2 www.gstatic.com www.buhoblik.org.ua
googleads.g.doubleclick.net
2 buhoblik.org.ua 2 redirects
1 d.turn.com 1 redirects
1 counter.yadro.ru 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com s.adtelligent.com
1 aud.pubmatic.com s.adtelligent.com
1 match.bnmla.com ads.pubmatic.com
1 docker.creative-serving.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 www.google-analytics.com assets.alicdn.com
tttttt.me
1 mbest.aliexpress.com assets.alicdn.com
1 adscale-emea.adnxs.com 1 redirects
1 track.adform.net 1 redirects
1 www.aliexpress.com 1 redirects
1 sale.aliexpress.com 1 redirects
1 s.click.aliexpress.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 pixel.rubiconproject.com eus.rubiconproject.com
1 af.click.ru w.uptolike.com
1 static.tnsis.ru w.uptolike.com
1 grsync.ru w.uptolike.com
1 jaclick.ru w.uptolike.com
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 event.clientgear.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 sync.extend.tv 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 i.e-planning.net ads.us.e-planning.net
1 cm.adform.net s.console.adtarget.com.tr
1 pixel.sitescout.com 1 redirects
1 ap.lijit.com s.adtelligent.com
1 t.trafmag.com s.adtelligent.com
1 s.console.adtarget.com.tr s.adtelligent.com
1 ic.tynt.com s.adtelligent.com
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 admixer-sync.rutarget.ru 1 redirects
1 ce.lijit.com www.buhoblik.org.ua
1 prebid-eu.creativecdn.com cdn.admixer.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 avto-oblik.com.ua www.buhoblik.org.ua
1 tttttt.me www.buhoblik.org.ua
1 xn--r1a.website 1 redirects
1 www.google.com.ua 1 redirects
0 resolve Failed tttttt.me
0 us.creativecdn.com Failed assets.alicdn.com
0 www.googletagmanager.com Failed assets.alicdn.com
0 acs.aliexpress.com Failed assets.alicdn.com
0 ae01.alicdn.com Failed m.aliexpress.com
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
js.adscale.de
0 sync.spotim.market Failed s.adtelligent.com
382 181

This site contains links to these domains. Also see Links.

Domain
uptolike.ru
promopult.ru
Subject Issuer Validity Valid
www.buhoblik.org.ua
R3		 2022-02-05 -
2022-05-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tttttt.me
R3		 2022-02-25 -
2022-05-26		 3 months crt.sh
www.avto-oblik.com.ua
R3		 2022-02-09 -
2022-05-10		 3 months crt.sh
uptolike.com
R3		 2021-12-25 -
2022-03-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
adpartner.pro
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-02-01 -
2022-05-02		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-01-29 -
2022-04-29		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-01-28 -
2022-04-28		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
tlgr.org
R3		 2022-02-23 -
2022-05-24		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2022-02-15 -
2022-05-16		 3 months crt.sh
jaclick.ru
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
grsync.ru
R3		 2022-02-24 -
2022-05-25		 3 months crt.sh
static.tnsis.ru
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
*.click.ru
R3		 2021-12-15 -
2022-03-15		 3 months crt.sh
umagnet.ru
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
ru.aliexpress.com
DigiCert SHA2 Secure Server CA		 2022-02-15 -
2023-02-16		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
*.mail.ru
GeoTrust RSA CA 2018		 2021-11-01 -
2022-12-02		 a year crt.sh
semantiqo.com
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
cdn3.caltat.com
R3		 2022-01-20 -
2022-04-20		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
intercollectcontact.ru
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh

This page contains 73 frames:

Primary Page: https://www.buhoblik.org.ua/
Frame ID: A012C90E565268C2572CCB3DEE375C46
Requests: 67 HTTP requests in this frame

Frame: tg://resolve?domain=buhoblik_org_ua
Frame ID: 711148D7D932BB3443CB7F4CCBFA4F89
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: A8921A9C445F5B3FA2883A5763801753
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/43512/c.html?b=43512
Frame ID: 5D8F74E03C0D3AD5929AF05B1913D1C9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/43512/c.html?b=43512
Frame ID: E19E2FC7C6F50E2274DF2732C9458C68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Frame ID: 8F677679229DB934ACEDD70DFCAA39D7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Frame ID: 169C6F84596B19867ADE9939206522F6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1645815954&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957845&bpp=1&bdt=768&idt=231&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=238
Frame ID: 3E46FE2F033256A27338E4AF59B7E687
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Frame ID: 14BDA495635814A72F5ACF167C5336C0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Frame ID: 229F606A6A127476D162CD1C3A365174
Requests: 7 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 12293251778F0CEC2BE1776B5C21F460
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: F4AEA5FAFE872EBD304FB663E301A3F4
Requests: 20 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: E3C59A55C3343C878B340C1D28E42D6E
Requests: 20 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Frame ID: 3D8ECEE9E7C0D509BEA5F75E234A5E05
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: B7F7B6D51F27CBE5190210ED0416FE75
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 2BEAA09188F519F9AFC23F8ED9D765EC
Requests: 12 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 8D28E4906B540A65C31039E1832F124D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=d6bccc13-2e1b-48a5-84c9-7d5b6db90a98
Frame ID: B4BE5634C42CAC2712127478CC9B2B56
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 616C811F0726478C8BABC53ED917C871
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=712122
Frame ID: 63CDDC8427F15F8049720E6E0FF41610
Requests: 3 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?redir=https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0&gdpr_consent_string={gdpr_consent)
Frame ID: 56BA36D69C93AFE7C0AA33A1F1509259
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: FCED3148E86E24C6C34A241EFE337DB3
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 1B452F1371D3DD5C0BE9C317377E2510
Requests: 4 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=1177295049587875137
Frame ID: C7ED80D6CEF1BDF850EC590D253971F6
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Frame ID: 3BE8032A137E079AEE5394C177BCAC30
Requests: 8 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
Frame ID: CE44CFC629D342AAEBB3409020300812
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dal1VIFarWhMb20JIVmp&pi=admatic
Frame ID: CB076523FB69314D805B55E93D253E81
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 7C6C15F868E14891AD5ED3A755E84E96
Requests: 2 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 1D2D6FFCB9D3BD1DADE6101FFE840103
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 2E8E94DFED2E712B60BD2E46D31E5944
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: E54E777CF1814DCD1D4DA5F5AD196CE6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 1DEC0CE5074E8E26834773DACF1CAE36
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 53F71078D958683E7C1A374917CC102E
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 4013A1486DF59919AB7D6EEEF4A92C30
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 4EC539F656482382E33B4C757BDAB2CB
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Frame ID: FD784D10494E69A90C764907BFF42D9A
Requests: 9 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Frame ID: E129C8ACCE339E80711F828B339617F7
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 669DF7128E9BFCADF9542B6167FF9DD0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 4BEF9CE28C9D3D231D58BE806F2D6D96
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361&cmp=0
Frame ID: 472B4857C359CA87D31DF87B95F76D9F
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Frame ID: 326E4BCAC9FBAE6AA5ECCC9EB9169402
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Frame ID: 6756D755E6673FE764D757FE5345A12F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3E54829B19ABE615D4C30FC9298E521C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=331010996556342211
Frame ID: 2F17C54FBBAE1D93B36548BCBBD9ACA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
Frame ID: 8CEAAC0D7BC4E5AE776917E5A995821B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7068725710564620427
Frame ID: 2172DB7DEAC6A047E02D92F5C41C137A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 3473BDF4DD60561A4ACA1366DBEAD413
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQowcZxqR0xtety9fhJTbFLHgik
Frame ID: 5C9FC6A997D1E6E164B7F7F68C7E9D9C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: C451CF474449D63FC75B9C517BB8B58A
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: A29FE8706AE4D9D1C7B838F83A1F9C1F
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A8FC2248CCF00DD135E557D44D993BF3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 1D35174BB00AD68E64E2FDF95B64EA4D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9931713972D28E2DB8B275F65524A39C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 4E21135DFC6E623DE3BBB5ACC4D4009A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ac6aae25-0e72-45b3-a444-c79b10316345-003
Frame ID: 1957B085398E63CC4ADE81E022615432
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 103E9A581472D5D43279F3FD76882B9E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=VkPvWFM6cK6IXAEDZNLvYYg5
Frame ID: 286ABCFFBF3422421E7403C5AA29E5DB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Frame ID: B144CE4EF8AFE9990FA7F3A420E7900C
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 26A30923D05D0793DE405714C2D8EB10
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AF57iPnwDoRVzUsH
Frame ID: 417303E8AA1C78A259FF1484C5FF7C09
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 0B60A6A07B7F1F8D2B57FB1AE617FBC4
Requests: 11 HTTP requests in this frame

Frame: https://mbest.aliexpress.com/m/promote.htm?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Frame ID: 7BC9D758B607EB1E4F6BAB59EA31F506
Requests: 34 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: D201A276BFA242DEC1473AB186A5B2F3
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_Ss52YF3IAd5cEVfrVcQ0_home&id=pr_Ss52YF3IAd5cEVfrVcQ0_uid_unknown&id=pr_Ss52YF3IAd5cEVfrVcQ0_lid_3z2q75VgpQrFRszozhDV&su=https%3A%2F%2Fm.aliexpress.com%2F%3Ftracelog%3Dwwwhome2mobilesitehome%26aff_fcid%3D6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp%26tt%3DCPS_NORMAL%26aff_fsk%3D_9i9ptp%26aff_platform%3Dportals-promotion%26sk%3D_9i9ptp%26aff_trace_key%3D6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp%26terminal_id%3Db0679dcfebc54cf6ac1ea43322afa8db&sr=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ts=1645815962156
Frame ID: 1A908F4C8503DB3D9B0B5C82BC50DA33
Requests: 1 HTTP requests in this frame

Frame: https://sonar.semantiqo.com/i/
Frame ID: 72FC0404D77AF94E10C4A9580EA78FAE
Requests: 2 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f71d827d-d02d-4b6c-b555-a3c20d0ec89c-tuct912ae18&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2CD7784534197E045A1A5F2E838F76B7
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 64550B1ECBCA6E4AB0A0B538456BEA06
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a62e0b1d-bc55-44c1-9b8e-c61d9ed7700a
Frame ID: 9C40AC14F7F5AAAD2FB9493BD7E8E7D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:9SFmwGc41NnFUI5&gdpr=0&gdpr_consent=
Frame ID: 0AC6221B60D70A8AAE39060A6441368C
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: B955979449EBA099E181F6D7EF12ED00
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE82394518B545469440C07B7DC93915
Frame ID: 232448D665509FCB307B0D1286012AB1
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=aca622f3d168ad40&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Frame ID: CB85C54F6A575125A0BC8A0F5CE31958
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Frame ID: 93FD65A9A0B92CA25D6343976B6D841B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Бухучет в Украине : Бухгалтерский и налоговый учет

Page URL History Show full URLs

  1. http://buhoblik.org.ua/ HTTP 301
    https://buhoblik.org.ua/ HTTP 301
    https://www.buhoblik.org.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

382
Requests

71 %
HTTPS

22 %
IPv6

122
Domains

181
Subdomains

110
IPs

18
Countries

2773 kB
Transfer

5684 kB
Size

185
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buhoblik.org.ua/ HTTP 301
    https://buhoblik.org.ua/ HTTP 301
    https://www.buhoblik.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 11
  • https://xn--r1a.website/s/buhoblik_org_ua HTTP 302
  • https://tttttt.me/buhoblik_org_ua
Request Chain 37
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=c9946af36a2a46eb98a9c9f5e1815abe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=c9946af36a2a46eb98a9c9f5e1815abe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=c64d842a-61a4-4f60-94d2-59680be6a474&bidswitch_ssp_id=admixer HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=c64d842a-61a4-4f60-94d2-59680be6a474&bidswitch_ssp_id=admixer&bounced=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=uL05vGpMFQR3.AikABlF_MkaF1A&expires=30&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&consent=&gdpr_pd=
Request Chain 39
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 41
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YhkolIiGO-verl-gglINwQAAApwAAAIB
Request Chain 42
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c9946af36a2a46eb98a9c9f5e1815abe HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF553FC380D64FBB8918F150A9E17225&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c9946af36a2a46eb98a9c9f5e1815abe
Request Chain 43
  • https://admixer-sync.rutarget.ru/sync HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=ULqVbueui9yk
Request Chain 44
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
Request Chain 45
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3b95811b-4779-5338-957c-2c4ef76504da
Request Chain 46
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=c9946af36a2a46eb98a9c9f5e1815abe HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c9946af36a2a46eb98a9c9f5e1815abe
Request Chain 49
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4327654948 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AAs_4jpkTYiW_ZrnOblcMMw
Request Chain 84
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 86
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=d6bccc13-2e1b-48a5-84c9-7d5b6db90a98
Request Chain 89
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e5549b9c-f4b0-4f07-90c6-729024194ec2
Request Chain 90
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c8b42e30-b81e-480d-8bb8-10b5f3898523
Request Chain 91
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cceba9e670db1a97
Request Chain 92
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1177295049587875137
Request Chain 93
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
Request Chain 96
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c9946af36a2a46eb98a9c9f5e1815abe
Request Chain 113
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 114
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=1177295049587875137
Request Chain 115
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D&ox_sc=1 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Request Chain 116
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Request Chain 117
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348%26partner_url%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309017%2526extuid%253Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348
Request Chain 118
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YhkolIiGO.verl.gglINwQAA%26668
Request Chain 144
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Daca622f3d168ad40 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348%26partner_url%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fuid%253Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348%2526dc%253D0abbcb4eba840e59%2526fi%253Daca622f3d168ad40 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348%26dc%3D0abbcb4eba840e59%26fi%3Daca622f3d168ad40 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Dc5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348%26dc%3D0abbcb4eba840e59%26fi%3Daca622f3d168ad40 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&dc=0abbcb4eba840e59&fi=aca622f3d168ad40
Request Chain 148
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Daca622f3d168ad40 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 149
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Daca622f3d168ad40%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aca622f3d168ad40&uid=1177295049587875137
Request Chain 157
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dal1VIFarWhMb20JIVmp&pi=admatic
Request Chain 168
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 192
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=cbece377-c25c-4789-a956-26f96151f013&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 194
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=bbb5af77-8ea4-4fc9-90b8-7526b9721ab5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 198
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b64d5f46-ffe7-4f40-9c98-7a485e032534&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 199
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=820cc4a1-03b6-492e-480d-5ebb6517d89b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=820cc4a1-03b6-492e-480d-5ebb6517d89b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=63985929241775489452071687403370720383&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 201
  • https://bn01.er.bemail.it/zeotap.php?_bid=820cc4a1-03b6-492e-480d-5ebb6517d89b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022022520-20670-0.686161001645815958-99825aba5a952277a87ad57c0713f4b2&zdid=533&env=mWeb
Request Chain 202
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7068725710564620433&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 203
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=820cc4a1-03b6-492e-480d-5ebb6517d89b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=820cc4a1-03b6-492e-480d-5ebb6517d89b
Request Chain 204
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=820cc4a1-03b6-492e-480d-5ebb6517d89b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=820cc4a1-03b6-492e-480d-5ebb6517d89b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361&bounce=1&random=2420869833 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=akOr4e8nVpretqmN7op3ue&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 206
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=820cc4a1-03b6-492e-480d-5ebb6517d89b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=820cc4a1-03b6-492e-480d-5ebb6517d89b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=7531a24999b680d598936a31e2a3ff15&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 207
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-f4bV9dpE2opsRrG.TuC7IvNy3bI.0yRV3w--~A&zpartnerid=570&env=mWeb
Request Chain 208
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI60u%2F0BkJmFD5sNlV6cFP%2Fp%2BS41iYitP1U%3D
Request Chain 212
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0a326219-2895-4400-a64b-e3198aebe87a&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 213
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 214
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=820cc4a1-03b6-492e-480d-5ebb6517d89b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=820cc4a1-03b6-492e-480d-5ebb6517d89b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361&dcc=t
Request Chain 216
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Request Chain 219
  • https://ih.adscale.de/uu?cbfn=receive&t=1645815959 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1645815959&nut&uu=b8c55fcbcbf94b47950c293cf7ca6cc2
Request Chain 221
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhkolIiGO.verl.gglINwQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGigl7PIg2LFHk9cqdMfYO8&google_cver=1&gdpr=1&google_hm=2
Request Chain 223
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhkolIiGO-verl-gglINwQAAApwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhkolIiGO-verl-gglINwQAAApwAAAIB&dcc=t
Request Chain 225
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3244929989922712878
Request Chain 226
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1ff8a76c-f2ab-4621-868b-4fa3c871ad1b
Request Chain 227
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6991023571048765491&uid=Q6991023571048765491&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 233
  • https://c1.adform.net/serving/cookie/match?party=14&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Request Chain 235
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=331010996556342211
Request Chain 236
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
Request Chain 237
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7068725710564620427
Request Chain 239
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQowcZxqR0xtety9fhJTbFLHgik
Request Chain 240
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 241
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGYUNrN0VNbEVBQUFJWm9wYzl0UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 244
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 246
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1645815957600 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3512712254 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b4601307-57d2-4990-b1d9-9b5e4e0f1f26 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ac6aae25-0e72-45b3-a444-c79b10316345-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ac6aae25-0e72-45b3-a444-c79b10316345-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ac6aae25-0e72-45b3-a444-c79b10316345-003
Request Chain 248
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=VkPvWFM6cK6IXAEDZNLvYYg5
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GV7N1uXhRn2lZjuP3lGxVw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8c76219-2895-4400-8537-827dfd3887db
Request Chain 252
  • https://pixel.onaudience.com/?partner=214&mapped=195ECDD6-E5E1-467D-A566-3B8FDE51B157 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7531a24999b680d598936a31e2a3ff15 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=b4601307-57d2-4990-b1d9-9b5e4e0f1f26&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8337d36e4c24a2b6c1c295a5c8c6319f HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=cb4342c2ddfde958
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTk1RUNERDYtRTVFMS00NjdELUE1NjYtM0I4RkRFNTFCMTU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEzhFAxfGR-1eoiUpIeokEM&google_cver=1
Request Chain 256
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7765723041879162743
Request Chain 257
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4601307-57d2-4990-b1d9-9b5e4e0f1f26
Request Chain 258
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1177295049587875137&gdpr=0&gdpr_consent=
Request Chain 259
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HOUsihjvJIYH7inSSLIwhE7hfoQH7i2FGLUQBQ-n
Request Chain 261
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AT.iw6lE2uXeT4HiAiFKWpFAqyfM3OQ-~A&gdpr=0&gdpr_consent=
Request Chain 262
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c64d842a-61a4-4f60-94d2-59680be6a474 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk875ab135-ed62-46ca-823a-f6263e5401d6&expires=7&user_group=5&ssp=pubmatic&bsw_param=c64d842a-61a4-4f60-94d2-59680be6a474 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 263
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2884923494709783854&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 264
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ade80291-506b-48f2-b3f9-431276e0e4ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 266
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&gdpr=0&gdpr_consent=
Request Chain 267
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1177295049587875137
Request Chain 288
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9560.XKb3nfBXlru0q-Nrsukpc2KnsJVR-6K2mvagUCLkkIh_k9yjgu4CcCAFCZlqQq90.C5AnohmGQWz-QUPCQoxny4g_Vqw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9560.NKnCRd8eIwWSLaaIJ3FOc2PxtTrOEcKM373tmgHdf0Zh6XuNRAW3fLOWA4yo_qC6bp7kMTx3thTvxBBSnYozjw%2C%2C.Q5-BIAhbHRoH8bMT6GV-E5Akh8E%2C
Request Chain 293
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=b8c55fcbcbf94b47950c293cf7ca6cc2&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=101&tpuid=BBID-01-03205299582133562-16535160
Request Chain 294
  • https://s.click.aliexpress.com/e/_9i9ptp HTTP 302
  • https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db HTTP 302
  • https://www.aliexpress.com/?aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db HTTP 302
  • https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Request Chain 295
  • https://mc.yandex.com/watch/23414332?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A1969%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616343038617%3Ahid%3A437930172%3Az%3A0%3Ai%3A20220225190559%3Aet%3A1645815960%3Ac%3A1%3Arn%3A844682669%3Arqn%3A1%3Au%3A1645815960640694045%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645815955359%3Ads%3A0%2C0%2C485%2C1%2C1104%2C0%2C%2C1020%2C3%2C%2C%2C%2C2630%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1645815960%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A1969%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616343038617%3Ahid%3A437930172%3Az%3A0%3Ai%3A20220225190559%3Aet%3A1645815960%3Ac%3A1%3Arn%3A844682669%3Arqn%3A1%3Au%3A1645815960640694045%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645815955359%3Ads%3A0%2C0%2C485%2C1%2C1104%2C0%2C%2C1020%2C3%2C%2C%2C%2C2630%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1645815960%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 296
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=4768bb1e1879df0e855a46f5d7d85becee40d2e33fffee50af988699ac004bbd&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YhkolIiGO.verl.gglINwQAA%26668
Request Chain 298
  • https://track.adform.net/serving/cookie/match/?party=9&uid=11f0bff24ae5c1f1d63cc47b8e15139d3ef582d6c25c6531076c07b2fe9a07df&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=42&gdpr=0&tpuid=7765723041879162743
Request Chain 306
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=7c3aeaac051c666ad566ce16a953b508fb199cc4f5c7b137cb8202c1dab5fdb3&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=61dc3367-e9ed-4c7a-8a9b-3493bdffd6da&gdpr=0
Request Chain 307
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=d4c26fd599b3ec6eb799bed7a37d0123b00ad428b436bd33918caab81dab6459&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=dde1196e49706afe57c7c19be8a9db16fd904d685f8e387c64873f8aa6333b17&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?uid=dde1196e49706afe57c7c19be8a9db16fd904d685f8e387c64873f8aa6333b17&tpid=38&gdpr=0&tpuid=CAESEOi0VdWb1B9_Hmb3sURBHsk&google_cver=1
Request Chain 309
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=75&tpuid=1177295049587875137&gdpr=0
Request Chain 311
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9abbb865bd2d58a1c4ef167d2f1e471207d8e0b172dd4bae98991f969d2a9ba3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9abbb865bd2d58a1c4ef167d2f1e471207d8e0b172dd4bae98991f969d2a9ba3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/js?tpid=48&tpuid=eeca0c4d67a4d454e0f30b434e540a60
Request Chain 322
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7765723041879162743 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJuNRgEU76Tx39Nn1IAbhzo&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
Request Chain 323
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=&google_gid=CAESEJuNRgEU76Tx39Nn1IAbhzo&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 359
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f71d827d-d02d-4b6c-b555-a3c20d0ec89c-tuct912ae18&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 361
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a62e0b1d-bc55-44c1-9b8e-c61d9ed7700a
Request Chain 362
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:9SFmwGc41NnFUI5&gdpr=0&gdpr_consent=
Request Chain 364
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE82394518B545469440C07B7DC93915
Request Chain 366
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&addseg=11,34,40
Request Chain 367
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=195ECDD6-E5E1-467D-A566-3B8FDE51B157&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=195ECDD6-E5E1-467D-A566-3B8FDE51B157&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 369
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157 HTTP 302
  • https://a.audrte.com/p
Request Chain 371
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f8b2517f-966d-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
Request Chain 378
  • https://counter.yadro.ru/id127/reff-id.gif?sid=829dd9eeabb44081afc89ede6a6968ab HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=829dd9eeabb44081afc89ede6a6968ab
Request Chain 382
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7531a24999b680d598936a31e2a3ff15&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=cbece377-c25c-4789-a956-26f96151f013
Request Chain 383
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/7531a24999b680d598936a31e2a3ff15/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2884923494709783854/gdpr=1
Request Chain 384
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D1&_test=YhkomgAI3XEQJAAy HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhkomgAI3XEQJAAy/gdpr=1&_test=YhkomgAI3XEQJAAy

382 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.buhoblik.org.ua/
Redirect Chain
  • http://buhoblik.org.ua/
  • https://buhoblik.org.ua/
  • https://www.buhoblik.org.ua/
85 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
9a9ae18df2794e90c3f0657da4efd2ee7cb9c7dd294f1f3a9199e4f8bab554f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:54 GMT
content-type
text/html; charset=utf-8
content-length
15645
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
permissions-policy
interest-cohort=()
expires
Wed, 17 Aug 2005 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
pragma
no-cache
x-ray
p953:0.330/wn26941:0.330/wa26941:D=324677
last-modified
Fri, 25 Feb 2022 19:05:54 GMT
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
nginx
date
Fri, 25 Feb 2022 19:05:54 GMT
content-type
text/html; charset=iso-8859-1
content-length
236
x-ray
p953:0.007/wn26941:0.010/wa26941:D=6539
location
https://www.buhoblik.org.ua/
cache-control
max-age=0
expires
Fri, 25 Feb 2022 19:05:54 GMT
5ae88bc53bb2a870aa7eb201075fa2cb.css
www.buhoblik.org.ua/media/com_jchoptimize/cache/css/ 		161 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/media/com_jchoptimize/cache/css/5ae88bc53bb2a870aa7eb201075fa2cb.css
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.007/wn26941:0.000/
content-encoding
br
last-modified
Fri, 25 Feb 2022 18:58:02 GMT
server
nginx
etag
W/"621926ba-28387"
content-type
text/css
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
expires
Sun, 27 Mar 2022 19:05:55 GMT
0a71639e87b69ef0957d8cf5c1d7e6e3.js
www.buhoblik.org.ua/media/com_jchoptimize/cache/js/ 		137 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.buhoblik.org.ua/media/com_jchoptimize/cache/js/0a71639e87b69ef0957d8cf5c1d7e6e3.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
39d7baa5797d401733cfc40ff26c35e4f4d7318ffcaa221ecf767b4f33bb26cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.012/wn26941:0.000/
content-encoding
br
last-modified
Fri, 25 Feb 2022 18:58:02 GMT
server
nginx
etag
W/"621926ba-223b2"
content-type
application/javascript
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
expires
Sun, 27 Mar 2022 19:05:55 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com.ua/cse/brand?form=cse-search-box%E2%8C%A9=ru
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 12:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 26 Feb 2022 12:16:32 GMT

Redirect headers

date
Fri, 25 Feb 2022 19:02:04 GMT
x-content-type-options
nosniff
server
sffe
age
231
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:32:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c7464e5ffa964637861f94de3d75d7b3ca3932f7ddb6812cbd826d598904d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53811
x-xss-protection
0
server
cafe
etag
222050377681796107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:05:55 GMT
youtube-32.png
www.buhoblik.org.ua/images/ 		918 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/youtube-32.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn26941:0.000/
last-modified
Sat, 21 Mar 2020 22:41:20 GMT
server
nginx
etag
"5e769810-396"
content-type
image/png
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
accept-ranges
bytes
content-length
918
expires
Sun, 27 Mar 2022 19:05:55 GMT
list_black.png
www.buhoblik.org.ua/images/ 		417 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/list_black.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn26941:0.000/
last-modified
Thu, 27 Aug 2015 18:43:06 GMT
server
nginx
etag
"55df5a3a-1a1"
content-type
image/png
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
accept-ranges
bytes
content-length
417
expires
Sun, 27 Mar 2022 19:05:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5630956766216465
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01e4f178cabed5f54cda7846ca2fac2d0c8d95fb5a43ef9fa1d5a62d3db56975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buhoblik.org.ua/
Origin
https://www.buhoblik.org.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53788
x-xss-protection
0
server
cafe
etag
11965234570887428908
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:05:55 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a848f4ba76e34a35cd995394dcafa2a3423fa76c761968db197ac1de002d2fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40136
x-xss-protection
0
server
cafe
etag
18374043148577082196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:05:55 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b53e598b65927cfe813d8fc0140e38492dc672c81062f1c5db566c23b04459fc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:55 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:07 GMT
server
nginx
etag
W/"62039773-2c0e6"
x-cached-since
2022-02-25T18:59:45+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 17 Feb 2022 15:24:06 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7075
date
Fri, 25 Feb 2022 17:08:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 25 Feb 2022 19:08:00 GMT
module-main3.png
www.buhoblik.org.ua/images/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/module-main3.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn26941:0.000/
last-modified
Sun, 13 Feb 2022 17:15:45 GMT
server
nginx
etag
"62093cc1-11743"
content-type
image/png
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
accept-ranges
bytes
content-length
71491
expires
Sun, 27 Mar 2022 19:05:55 GMT
buhoblik_org_ua
tttttt.me/ Frame 7111
Redirect Chain
  • https://xn--r1a.website/s/buhoblik_org_ua
  • https://tttttt.me/buhoblik_org_ua
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tttttt.me/buhoblik_org_ua
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
6d50a69b479029d0d1cc0f1e90759a3bcdf1895c518bf4e5bd59879d5f299448
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Cache-control
no-store
Strict-Transport-Security
max-age=35768000
Access-Control-Allow-Origin
*
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Pragma
no-cache
Cache-control
no-store
Location
https://tttttt.me/buhoblik_org_ua
Strict-Transport-Security
max-age=35768000
Access-Control-Allow-Origin
*
num_star.png
www.buhoblik.org.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/num_star.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.000/wn26941:0.000/
last-modified
Tue, 03 Jan 2017 22:58:31 GMT
server
nginx
etag
"586c2c97-652"
content-type
image/png
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
accept-ranges
bytes
content-length
1618
expires
Sun, 27 Mar 2022 19:05:55 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 		290 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b7ea24747712484c1c05b0337f5538e246fb01a18b8d14ddd2de428f444ea92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106770
x-xss-protection
0
server
cafe
etag
8686337993692154243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:05:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame A892 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Fri, 25 Feb 2022 04:58:03 GMT
expires
Fri, 11 Mar 2022 04:58:03 GMT
cache-control
public, max-age=1209600
age
50872
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=783279137&utmhn=www.buhoblik.org.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&utmhid=287414095&utmr=-&utmp=%2F&utmht=1645815957868&utmac=UA-23922474-1&utmcc=__utma%3D21695912.104275366.1645815958.1645815958.1645815958.1%3B%2B__utmz%3D21695912.1645815958.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=795514733&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pdf-sborniki-vnizu-115-2022.png
avto-oblik.com.ua/images/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avto-oblik.com.ua/images/pdf-sborniki-vnizu-115-2022.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:109e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p15931:0.000/wn503:0.000/
last-modified
Mon, 27 Dec 2021 15:47:26 GMT
server
nginx
etag
"61c9e00e-1201c"
content-type
image/png
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:56 GMT
accept-ranges
bytes
content-length
73756
expires
Sun, 27 Mar 2022 19:05:56 GMT
dovidnik-buhgaltera-238.png
www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/normativka/spravochniki/spravochnik-buhgaltera/dovidnik-buhgaltera-238.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.001/wn26941:0.000/
last-modified
Wed, 26 Jul 2017 08:14:12 GMT
server
nginx
etag
"59784f54-3eb3"
content-type
image/png
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
accept-ranges
bytes
content-length
16051
expires
Sun, 27 Mar 2022 19:05:55 GMT
sidebar-uchet-2021.png
www.buhoblik.org.ua/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buhoblik.org.ua/images/sidebar-uchet-2021.png
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d02::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8fd5f6e7503d4078925f3fada4d3b42ec4e036bf844ee62621f9c6c0272a1495

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray
p953:0.001/wn26941:0.000/
last-modified
Tue, 12 Oct 2021 18:15:43 GMT
server
nginx
etag
"6165d0cf-e6ff"
content-type
image/png
cache-control
max-age=2592000
date
Fri, 25 Feb 2022 19:05:55 GMT
accept-ranges
bytes
content-length
59135
expires
Sun, 27 Mar 2022 19:05:55 GMT
c.html
cdn.admixer.net/scripts3/43512/ Frame 5D8F 		738 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/c.html?b=43512
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:55 GMT
content-type
text/html
last-modified
Wed, 09 Feb 2022 10:29:22 GMT
vary
Accept-Encoding
etag
W/"62039782-2e2"
expires
Sat, 18 Feb 2023 15:14:06 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-17T15:14:06+00:00
x-id
fr5-up-gc28
content-encoding
gzip
0967ebea4a2a8854ab82.b.js
cdn.admixer.net/scripts3/43512/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/0967ebea4a2a8854ab82.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:55 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:08 GMT
server
nginx
etag
W/"62039774-5d41"
vary
Accept-Encoding
x-cached-since
2022-02-17T15:14:06+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Feb 2023 15:14:06 GMT
98ebe154e9517b8e1108.b.js
cdn.admixer.net/scripts3/43512/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/98ebe154e9517b8e1108.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3887f0e3d7b1971098416bd5e0dc53064bdadeacea122b51053a2ed74dbb177f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:55 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:19 GMT
server
nginx
etag
W/"6203977f-12985"
vary
Accept-Encoding
x-cached-since
2022-02-17T15:14:06+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Feb 2023 15:14:06 GMT
c.html
cdn.admixer.net/scripts3/43512/ Frame E19E 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/c.html?b=43512
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:55 GMT
content-type
text/html
last-modified
Wed, 09 Feb 2022 10:29:22 GMT
vary
Accept-Encoding
etag
W/"62039782-2e2"
expires
Sat, 18 Feb 2023 15:14:06 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-02-17T15:14:06+00:00
x-id
fr5-up-gc28
content-encoding
gzip
uptolike.js
w.uptolike.com/widgets/v1/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/uptolike.js
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Fri, 25 Feb 2022 19:35:56 GMT
cookie.js
partner.googleadservices.com/gampad/ 		219 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.buhoblik.org.ua&callback=_gfp_s_&client=ca-pub-5630956766216465
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
72312896f981109051b84114eeb536be4f5022de13514660739d253f0ed09304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.buhoblik.org.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8F67 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae12e6ecdb6dea284bb7dffd4868d0e21f27d6f730cf6544e31f940a61412e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Feb 2022 19:05:56 GMT
server
cafe
content-length
10198
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 169C 		78 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
025f21eecffd5e4f53f86bfa0cab271497f9e7971e629bb23b8ebe6a8a3f42c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Feb 2022 19:05:56 GMT
server
cafe
content-length
29222
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 3E46 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&adk=1812271804&adf=3025194257&lmt=1645815954&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957845&bpp=1&bdt=768&idt=231&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=238
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 25 Feb 2022 19:05:56 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 14BD 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbe1d847315188ea2d92fc31cffac79b123cccf0db720e905d22ef7685a066ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Feb 2022 19:05:56 GMT
server
cafe
content-length
10274
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 229F 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5630956766216465&plah=www.buhoblik.org.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b89a9f540b409599b6239fdd4d237c3e0da0cb019e3b04cf0dcc89c1db82d378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 25 Feb 2022 19:05:56 GMT
server
cafe
content-length
10260
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
private
dsp.aspx
inv-nets.admixer.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=3181889068135923.5&cpv=a243e374-8d4e-eafc-3633-b432e6e2e4bb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%222f569cf4-069f-e4b3-333a-a23552411ecf%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Linux%3B%20Android%2011)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.185%20Mobile%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22cb563754-eba9-52e5-1a30-ee75491f6371%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
0ed54caee84c318d07d509d9c9202e69cbcc2cea84cee602621292e7618808ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2129
X-Xss-Protection
0
version.js
w.uptolike.com/widgets/v1/ 		70 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1645815958284339
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d1da0b01a7288710a9b8eb6922accfe64f9a895633ad63867e56f1f41b6da05f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Fri, 28 Jan 2022 08:03:17 GMT
bid
a4p.adpartner.pro/hb/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=6818&sizes=240x350,240x400&referer=www.buhoblik.org.ua%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/43512/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.59.18.237 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-a61777d5.vps.ovh.net
Software
nginx /
Resource Hash
aae7a0b108e6ba697943a6db3cc86164fefc835f8070a9a93425487776cef956

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.buhoblik.org.ua
date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/json
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/43512/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.buhoblik.org.ua
date
Fri, 25 Feb 2022 19:05:56 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
sync.html
s.adtelligent.com/ Frame 1229 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=3181889068135923.5&cpv=a243e374-8d4e-eafc-3633-b432e6e2e4bb&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%222f569cf4-069f-e4b3-333a-a23552411ecf%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.buhoblik.org.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Linux%3B%20Android%2011)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.185%20Mobile%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22cb563754-eba9-52e5-1a30-ee75491f6371%22%2C%22tagid%22%3A%22dab6be62-b1e7-4d05-a12c-0a70b3291504%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dab6be62b1e74d05a12c0a70b3291504_zone_1393_sect_956_site_943%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
364d35565bf184c65b556bdf437f92ae4308d3c837416f48f79d66d9a343aa3a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
Adtelligent
Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1238
Access-Control-Allow-Origin
https://www.buhoblik.org.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=c9946af36a2a46eb98a9c9f5e1815abe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=c9946af36a2a46eb98a9c9f5e1815abe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://px.adhigh.net/p/cm/bsw?u=c64d842a-61a4-4f60-94d2-59680be6a474&bidswitch_ssp_id=admixer
  • https://px.adhigh.net/p/cm/bsw?u=c64d842a-61a4-4f60-94d2-59680be6a474&bidswitch_ssp_id=admixer&bounced=1
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=uL05vGpMFQR3.AikABlF_MkaF1A&expires=30&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&consent=&gdpr_pd=
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&consent=&gdpr_pd=
Date
Fri, 25 Feb 2022 19:05:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ 		0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=380632&3pid=c9946af36a2a46eb98a9c9f5e1815abe&us_privacy=$(US_PRIVACY)&gdpr=&gdpr_consent=&location=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%5BSOVRNID%5D
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:56 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT, Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Fri, 25 Feb 2022 19:05:56 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=c9946af36a2a46eb98a9c9f5e1815abe
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YhkolIiGO-verl-gglINwQAAApwAAAIB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YhkolIiGO-verl-gglINwQAAApwAAAIB
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YhkolIiGO-verl-gglINwQAAApwAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Fri, 25 Feb 2022 19:05:56 GMT
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c9946af36a2a46eb98a9c9f5e1815abe
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF553FC380D64FBB8918F150A9E17225&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c9946af36a2a46eb98a9c9f5e1815abe
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF553FC380D64FBB8918F150A9E17225&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c9946af36a2a46eb98a9c9f5e1815abe
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZF553FC380D64FBB8918F150A9E17225&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=c9946af36a2a46eb98a9c9f5e1815abe
date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-cache
server
nginx/1.18.0
content-length
0
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://admixer-sync.rutarget.ru/sync
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=ULqVbueui9yk
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=ULqVbueui9yk
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=ULqVbueui9yk
date
Fri, 25 Feb 2022 19:05:56 GMT
server
nginx
content-length
0
p3p
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3b95811b-4779-5338-957c-2c4ef76504da
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3b95811b-4779-5338-957c-2c4ef76504da
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=3b95811b-4779-5338-957c-2c4ef76504da
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=c9946af36a2a46eb98a9c9f5e1815abe
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c9946af36a2a46eb98a9c9f5e1815abe
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c9946af36a2a46eb98a9c9f5e1815abe
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
88.198.31.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.198.31.232.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=c9946af36a2a46eb98a9c9f5e1815abe
date
Fri, 25 Feb 2022 19:05:56 GMT
server
nginx
etag
W/"fa513e76960284de18b5d6f876e5ba9e3dbff6ea147ac92f61ba76f94a5b33a2"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=c9946af36a2a46eb98a9c9f5e1815abe
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=128&vid=c9946af36a2a46eb98a9c9f5e1815abe&gdpr=&gdpr_consent=
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
115
x-xss-protection
1; mode=block
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4327654948
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AAs_4jpkTYiW_ZrnOblcMMw
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AAs_4jpkTYiW_ZrnOblcMMw
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AAs_4jpkTYiW_ZrnOblcMMw
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 14BD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:00:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 14BD 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:03:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 14BD 		124 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 19:05:56 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame F4AE 		137 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2485fd84df2f7888bfb99c499ea6cafb20f39127ec6fd0f72ddc2b77d02fdf08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DMPUecNjIKp-27jdVJHZXF-Xngkr7f5mTBpqjTf-083RKmQw5g49H3FNPRWGlp_lQqAONI8kIU3jAixUwDElLKzXUGWhHqGdjGzyWQqaY2h3rb19VFH-WNSvfy084gHMr0jflWpYDzBN3whqlG-HyD2xmdDZ8EJpSHkg54tCiDeqkgQCbLK895NiZQAFBGTqahMed7CEhmpVafWc73FstIiIs_PBmc7BisaJNo-rrOUzgaG-msaFTzJw1STJQTOOkBf57g"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
121616458
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame 14BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHtOelCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE4gFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXigSYTUOeSuxHDh1xfZ5mcMkrKDbaY371bF_1y9pUqlZescAe4dVgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=gynp7ZZnjB0&uach_m=[UACH]&cid=CAQSGwCNIrLMC-giaeHo1GaxmgOCHBLt96YwgrXeLRgB&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Feb 2022 19:05:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:05:56 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 14BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UsDUEcz6RNoFmAKdg2ICAgAAAO5igEQ3rr8m2nHJuhCUKBlizZ-mNUBb-biPLU4AEg&wp=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=6954100132&adk=3374070490&adf=4207227173&pi=t.ma~as.6954100132&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957846&bpp=2&bdt=769&idt=246&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3765&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&cms=3&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=V7Tuoh3Xd6&p=https%3A//www.buhoblik.org.ua&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
server
Kestrel
server-processing-duration-in-ticks
259991
content-length
0
strict-transport-security
max-age=31536000; preload;
widgetsModule.js
w.uptolike.com/widgets/v1/ 		172 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 25 Feb 2022 19:35:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8F67 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:00:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F67 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 19:05:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8F67 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:03:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8F67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4E7OlCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTdAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPIrYsD1bbUIhzk7X24HcMY-1ahdn_fPIu7rQndIQDMg0Y4uNypsUgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTYzMDk1Njc2NjIxNjQ2NRgA&sigh=dKSI0uikXgk&uach_m=[UACH]&cid=CAQSGwCNIrLMQAbRnV3Py1-_Dqz1Xx2CC1HHdO4P3RgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Feb 2022 19:05:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:05:56 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 8F67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UsDUEcz6RNoFmAKdg2ICAgAAAL3dF7qT-P8r2nHJuhCUKBli8I2PJunK1ijehbkAEg&wp=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
server
Kestrel
server-processing-duration-in-ticks
343058
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame E3C5 		133 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9597306129&adk=3078983205&adf=3223326304&pi=t.ma~as.9597306129&w=730&fwrn=4&fwrnh=100&lmt=1645815954&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957799&bpp=5&bdt=722&idt=206&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=7601375539490&frm=20&pv=2&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WvsY0L7M9l&p=https%3A//www.buhoblik.org.ua&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf9e6d1a665711c4f829583ad797c12a623991cb1cce1b4f54f32bfb6859f27b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Fri, 25 Feb 2022 19:05:55 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YUyyncNjIKp-27jdJ90YJwsuWIJ7TE8SFKDOOYggrTv_DDc4ex3lqBLcCbZf8J4LWaZx65Z49gBvOdcMU_ekF2i8UXwBAB8h5H_xKdwHCx934VCmFr-mP3o5r-L6lRz__O7f3ciyvWCu5ulW4eilmWg8o8Ny43ec_mymEa7EpEXGMaFjjT7C9UisesplXXyMaYLNeotvEnl7h3iXSuXskpxSLwkmA3tBvZbQOEGvfjlT_kteTjeTnNMo5dt-EdnLiihxYg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
72318419
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 229F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:00:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 229F 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 19:05:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 229F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:03:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 229F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CapFxlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgThAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmBj13jS67u0veeamDfh8YWyEpqH2JFSK4BtjFE9caNJATPNl9jSfoAGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2MzA5NTY3NjYyMTY0NjUYAA&sigh=K5TXFldM4mE&uach_m=[UACH]&cid=CAQSGwCNIrLMX2xA7ZZr_gIXzF8PbF6tZOp-_34JsBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Feb 2022 19:05:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:05:56 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 229F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UpWeEd6BMNgFWp2DYgICAAAABsFJaWxYaHDaccm6EJMoGWLD-e821ZnYpMqHgwAS&wp=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:55 GMT
server
Kestrel
server-processing-duration-in-ticks
288590
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3D8E 		46 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=90&slotname=9743280908&adk=360469529&adf=4285100924&pi=t.ma~as.9743280908&w=728&lmt=1645815954&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957893&bpp=9&bdt=816&idt=215&shv=r20220223&mjsv=m202202090102&ptt=5&saldr=sa&abxe=1&prev_fmts=730x280%2C336x280%2C0x0%2C730x280&nras=1&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=311&ady=5851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3ZtUIVhGjB&p=https%3A//www.buhoblik.org.ua&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
df924700bda8bec99aa5731304e351c07299e5b5df92a6dfedbe857871358cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bWoJ5MNjIKp-27jdju-HOLRdt65EQ2Ng-0HJxZ0nVgGgyffgDfIdKWnMoDm86iibfYgZ8qI4E9TX3hoO_EuJt9DN8WH-W3cZ00wVFSymgjpG_yRT7tYyhu3dzAHta-JWVnjiew9bHoiiNboGxu9bZDgfAAmrFOCA3pb07G4oPUaH-xk8E51XnYIPJJJJBk2lS0PN8J2AM59JNcObNkuOn1cDryWqtVzwBC5Sua7WuEl0FMjjzSbOu0jjCdalo70SVTQHuQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
4416881
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
css
fonts.googleapis.com/ Frame 169C 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e114394d6b0349144b28d679b6c44fcadbcab634789db73b84ca6e4b55c61dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 18:17:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 19:05:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 19:05:56 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 169C 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:00:16 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 169C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDZNNlCgZYtT3BY6f7_UPk46syAKL84bSaKmfiKSdD-eJhIbnDxABIOfk8hZglQKgAbbdv9ECyAEBqQLU2S1G4N2yPqgDAcgDywSqBPYBT9DQkzsVzZ8BeeaQVO9N4F-ONX8UEJgSKTklzrRQX3K0gPpY4bosMNrb1r0YhpFa4THcehTZmDJSAMCy5_TEpZxkIahlYJPhZPQIzwLU5B4f69ibNIjRHV17EPgwu6SVtww6YWp0kamdA7UqtvzE-31-uYHLVBo_9wb2JuJ2LXyGWRNmo5UOx91IOmsfQYyYyYTBFVjfEHiNIkcNvfTynICDl8nGRWTbJfMLKfPdjsKf-OZ1ONSLrrVbuUurHdeE_4-peU_0LW0QVtu7K3PgM5CIXQ_yuL-fcL_ypt2Jbre_80kGf6fURJcZNDrEmVa5e0HsM_y_wAS67u-E9wOIBdKlyIs9kgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi7YBgKAB7KiwK4BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ6nWgCOQRsAgC0ggJCIDhgBAQARgfgAoByAsBuBOdJ9gTAoIUFRoTd3d3LmJ1aG9ibGlrLm9yZy51YdAVAYAXAbIXHAoaCAASFHB1Yi01NjMwOTU2NzY2MjE2NDY1GAA&sigh=6ZUKWARORvM&uach_m=[UACH]&template_id=5021
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 25 Feb 2022 19:05:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:05:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 169C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:02:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7875
x-xss-protection
0
server
cafe
etag
9606807595520751986
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:02:24 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17116218171329320318/ Frame 169C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17116218171329320318/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7720e800816b4a0252763ebfe9df86db00185b67657b87c2d0c8096023e1c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 24 Feb 2022 14:58:09 GMT
x-content-type-options
nosniff
age
101267
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4222
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 12:55:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Feb 2023 14:58:09 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11924268426403454854/ Frame 169C 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11924268426403454854/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2655e4b9178a58fcc8f24db4f58c58a80a4825f7a4819f8d3e162fc91fd6efbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Thu, 24 Feb 2022 15:26:45 GMT
x-content-type-options
nosniff
age
99551
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31694
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 07:51:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Feb 2023 15:26:45 GMT
truncated
/ Frame 169C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8e9dc9ff0e6bac845dc13ae72500cd84a2cb5c09e14a51a20f37e3a35b26c5a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 169C 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/svg+xml
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=c9946af36a2a46eb98a9c9f5e1815abe&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=6&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=43fccb8f-f568-46f7-b635-c8df21bb3f0e&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=496%2C2%2C6&ts=637814127562176286&ap=MA%3D%3D&asign=-903884433&sync=80%2C3%2C98%2C96&bt=3&carr=Core-Backbone&connt=1&devt=4&isapp=0&os=Android&osv=11&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-7&pxl=0&pvid=3f9b07a3-d8cb-4f9b-b2ab-54d9ab665f38&ip=82.199.130.41&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 19:05:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 169C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:00:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 169C 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 19:05:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 169C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 19:03:59 GMT
638238a1c081a92848b457a11fb7df3a.js
www.gstatic.com/mysidia/ Frame 169C 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 23 Feb 2022 11:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 15:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 24 May 2022 11:03:55 GMT
truncated
/ Frame 14BD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d49d19615523e1f1c471ed886c0580af7a1ced862c588cccdbea5589d31a5acb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
sync.html
s.adtelligent.com/ Frame B7F7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
46f8f0467866bd42499166befd0405d7aa79804d7c6e6811127737ea3edacf11

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/sync.html?aid=707176

Response headers

Server
Adtelligent
Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1067
Access-Control-Allow-Origin
https://s.adtelligent.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
ads.us.e-planning.net/uspd/1/ Frame 2BEA
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
8a71d1d3969b52863691197945e25159d7171b948524d9b9c224395dd6676b2e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

server
openresty
date
Fri, 25 Feb 2022 19:05:56 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 25 Feb 2022 19:05:56 GMT
x-sid
AMS-739
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 25 Feb 2022 19:05:56 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
x-sid
AMS-739
d
ic.tynt.com/r/ Frame 8D28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

server
nginx/1.16.1
date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
csync
sync.adtelligent.com/ Frame B4BE
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=d6bccc13-2e1b-48a5-84c9-7d5b6db90a98
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=d6bccc13-2e1b-48a5-84c9-7d5b6db90a98
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
VertaMedia 1.0
Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Length
0
Etag
cceba9e670db1a97

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=d6bccc13-2e1b-48a5-84c9-7d5b6db90a98
content-length
0
date
Fri, 25 Feb 2022 19:05:56 GMT
server
_
/
onetag-sys.com/usync/ Frame 616C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame 63CD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=712122
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6cfb1efd2df33497cd72c419b6d3937b1d23e58f355b71f567e1adfdedd818f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Adtelligent
Date
Fri, 25 Feb 2022 19:05:56 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
869
Access-Control-Allow-Origin
https://s.adtelligent.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame 1229
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e5549b9c-f4b0-4f07-90c6-729024194ec2
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e5549b9c-f4b0-4f07-90c6-729024194ec2
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
VertaMedia 1.0
Etag
5e3ca9e6700c1a97
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e5549b9c-f4b0-4f07-90c6-729024194ec2
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
m1dhbitit3efhc9cu8m5v0pp0cgjlhp9
csync
sync.adtelligent.com/ Frame 1229
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c8b42e30-b81e-480d-8bb8-10b5f3898523
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c8b42e30-b81e-480d-8bb8-10b5f3898523
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Server
VertaMedia 1.0
Etag
5e3ca9e6700c1a97
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=c8b42e30-b81e-480d-8bb8-10b5f3898523
date
Fri, 25 Feb 2022 19:05:56 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 1229
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cceba9e670db1a97
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cceba9e670db1a97
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=cceba9e670db1a97
Date
Fri, 25 Feb 2022 19:05:58 GMT
Server
VertaMedia 1.0
Etag
cceba9e670db1a97
Content-Length
0
csync
sync.adtelligent.com/ Frame 1229
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1177295049587875137
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1177295049587875137
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
VertaMedia 1.0
Etag
5e3ca9e6700c1a97
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:56 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b5d432c7-694a-4ca6-9c5d-864e7c2bd5ca
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1177295049587875137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 1229
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Server
VertaMedia 1.0
Etag
cceba9e670db1a97
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ Frame 1229 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 19:05:56 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
match
dm.hybrid.ai/ Frame 1229 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
111
x-xss-protection
1; mode=block
expires
-1
csync
sync.adtelligent.com/ Frame 1229
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c9946af36a2a46eb98a9c9f5e1815abe
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c9946af36a2a46eb98a9c9f5e1815abe
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
VertaMedia 1.0
Etag
cceba9e670db1a97
Content-Length
0

Redirect headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=c9946af36a2a46eb98a9c9f5e1815abe
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3D8E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3D8E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3D8E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 20 Feb 2023 19:05:56 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 3D8E 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 20 Feb 2023 19:05:56 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 3D8E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=rTeSQpcMeAjcHJvr0l5DbSBOiB5QOJF77OiURcM3X313MI5Vzm9u41QmPx2HZD1ZaIxWpVqoR8n1MGg2IBVTR8yYBeFQDN6Ehd2cpl9Kt6bonC0fX24qPKidqqGbRp3A3RUJ_dee30U_or2Psfl06fM8_iGNEYmsXglY6OLNPomyXdf2wk4kDhDHthsm1bUqzpCnFhFnW-FL1FBOHu82dzASZoYataS3jgXILDmIIt_ARU_oZHUMilbrKKPVmWLKSoNODJ9yH96WEo0df-SX2hK0E4ltY7biEEMX6aGLyvIxaBICfSFaZW0gMd4j4JyTWQt1IoOnJwiR2s5TPoPUzV7z5KSQRtG93NNR8X2FYFmmtgMUJ2LuB97-ZBVXNlfFY_zmCdltC56DdXuDtOS3odwxinudAC51lPAz_hV1OBXZIyfrEjkhqUdxH3ik7-_2m-EleA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3017173
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
d5c3de526d294b0b89f55f174a325055_image_ad_728x90.gif
static.criteo.net/design/dt/88477/210924/ Frame 3D8E 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/88477/210924/d5c3de526d294b0b89f55f174a325055_image_ad_728x90.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7d11b40d79fdc071dec110e88bc6fbd99e832b197180d0c9515cc8f99603c29c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Fri, 24 Sep 2021 19:25:24 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"614e2624-14847"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
84039
expires
Mon, 20 Feb 2023 19:05:56 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame E3C5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame E3C5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E3C5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 20 Feb 2023 19:05:56 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame E3C5 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 20 Feb 2023 19:05:56 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame E3C5 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=JYcuSQHbIRnoGeKlU3uCLY8ITtMd6bFT3nCyv5vXXh1XXFEUL8g3df6IOS73ftcDn1ba3NbLIMjaHi7TMEE6i29sHOKyDVeFEDUWQ8BqRy0eXwZmifvW02yQPbG2VM6guxoAWVcTl7tEEw1nZB7U73oF63tVzH9Ex1QNC03fZL-uwTomBoM37Li9MizuaMAj6m5G2Klivz-99tEcwLIO_2aYlspzcYK8Gf_eT4vDnnRDK2VigJhKlcNfQ4WjVD04BkpT-4MXMFaoNGSY56l6bBF9T4ILPdwWi4EsNcqFceeuze-5r2U-uXKAnxGYcMD6GsIbegnkGGg3-2zI_T6PegLqa2JjgM0BMxKLHAdHY4xcPbwCZdCmlshBAp8rFwCBHTkP1GVZCCLfM3rfIUGBIYLu92iE3JTn6f4_YuIZ3ImM6626pauCuY8ZxwrvUhXtsIRtGQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3093169
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame 3D8E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bWoJ5MNjIKp-27jdju-HOLRdt65EQ2Ng-0HJxZ0nVgGgyffgDfIdKWnMoDm86iibfYgZ8qI4E9TX3hoO_EuJt9DN8WH-W3cZ00wVFSymgjpG_yRT7tYyhu3dzAHta-JWVnjiew9bHoiiNboGxu9bZDgfAAmrFOCA3pb07G4oPUaH-xk8E51XnYIPJJJJBk2lS0PN8J2AM59JNcObNkuOn1cDryWqtVzwBC5Sua7WuEl0FMjjzSbOu0jjCdalo70SVTQHuQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:05:56 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3D8E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3D8E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABmQIIu8NfAALM0fLbct4-M7CzZWMddA&u=%7C9DNl%2FNZD8EyNOGVwg6M2WiyzYZo5AMliUbETLwrTBNI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_frWmxVPsqVQikP_PbXujY_bGBb7fEvHRTcC2JfUtYOXYOedQiceZrU4AY8pI9pGqygzZaFq159l_vVf0Zw_B2uJ7EP7FZIEkrSBQKsA5cWvRQ8PSRtDnKWSM3qf6N1vAukp2qbyyDZAtxTO-Xkem-MT4pSdOfh45aqS-8F8mP8kpibcKTEpq6h4f8fHncESJe_VUg7lpoM0dsuhClL8B8NE7eUUJ0X9bnMMPlS1DIJ74TchZZuCzgpF11PUu0zTz0GT8cJHW-ax0VwSKm5ijPMuvqe50iBeU7Gxsk9FcgZE-HOep-M8QgyI3FgmwltB6NY6kSOtedwedlydaggNF3Mk3Y3crvU7wbC-hsPqADGfF8rKubhkl1Mw6JxBkKjO0WSYc-sETBHtDtINmPSvC2Y_HylF2IHeyeDwuQxuhfg55VkevgZYq4blFfwpzdnAD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrOkmlCgZYoKyBt-G7_UP0ZmL8ALJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTkAU_QzvP4NIz3BxeivR_1-3Wf25yxk-kU45D6T86jtHoLo3LmtvAfJ--L3TzUwiSKOBNcIos7mM24HkGQrSZ7p4Dqwl82UJqSst3zLQEQSMmStYcrBBKD0xnziFf9eJDtqGYxzBGiX9pMgBr0KSLgj8BOz8Txvt2ly2Xsfimqt4FHi75zy3UVOBQrUvrffLEp6WzRDtLafk_rFWU_AKdYbTjMbVpiLkASnYY5GJsxT6_l6xvRY1KInSEZSmAh1VlAbDQorlgGjJQxzCNKG46Nbpt8MwLZRGybgxxXLStIPVzBwSCh64AGw9-iw_Xd9Yb_AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ox_JaKg4_Nl2AoF-8AtkWlXmD1g%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
csync
sync.spotim.market/ Frame 56BA 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=76302
expires
Sat, 26 Feb 2022 16:17:38 GMT
date
Fri, 25 Feb 2022 19:05:56 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1B45
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"40014-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 25 Feb 2022 19:05:57 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17184-d
date
Fri, 25 Feb 2022 19:05:56 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
csync
sync.spotim.market/ Frame C7ED
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=1177295049587875137
0
0
csync
sync.spotim.market/ Frame B7F7
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D&ox_sc=1
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
0
0
csync
sync.spotim.market/ Frame B7F7
Redirect Chain
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
0
0
csync
sync.adtelligent.com/ Frame B7F7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep...
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
VertaMedia 1.0
Etag
5e3ca9e6700c1a97
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
csync
sync.adtelligent.com/ Frame B7F7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YhkolIiGO.verl.gglINwQAA%26668
0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YhkolIiGO.verl.gglINwQAA%26668
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Server
VertaMedia 1.0
Etag
5e3ca9e6700c1a97
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YhkolIiGO.verl.gglINwQAA%26668
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
278
Expires
Fri, 25 Feb 2022 19:05:56 GMT
csync
sync.adtelligent.com/ Frame B7F7 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Server
VertaMedia 1.0
Etag
5e3ca9e6700c1a97
Content-Length
43
Content-Type
image/gif
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E3C5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
78031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhwVVB0%2Fa0iG5zzuw92SFgKHvOoh53l1RcG1IvrGNhaX9JwdnDd8v6Ou8L7YJRQHrYfll0gDr2ugbVfDIwDHGehtcd%2FiKL8QVMP4PXyT4msAxb1S6z07UuDW0xoP101R44iTOa4IItKmPx%2BqwblxXsTS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e3335424a288883-LHR
expires
Wed, 15 Feb 2023 19:05:56 GMT
truncated
/ Frame 229F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c4179f81887adb77b4ed0c03ab4594316179c6fc7e2b78e6958047c2444ade3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8F67 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da8acdf8975a6bcb47b4640db38b3f91bc3a48e7cbf548b830575d491cb6a0cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame E3C5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
truncated
/ Frame 169C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01385d72237221efb40ab2c23514e20a92ab9c0cd0264e8064f03f0cb941de6d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 169C 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f389e83ac014e726db63d9ce25e782501ef88fb2699edead3cc9a0cb6373fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Tue, 22 Feb 2022 18:09:56 GMT
x-content-type-options
nosniff
age
262560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28260
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:55:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 18:09:56 GMT
img
pix.eu.criteo.net/img/ Frame E3C5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=cJzrnephzXW9iVv6c44m7p2v
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31078557
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11345
expires
Mon, 20 Feb 2023 12:01:54 GMT
img
pix.eu.criteo.net/img/ Frame E3C5 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1171331-_x600-nocrop.jpg&v=3&w=800&s=-vrMnQbYm_raINbeub3OiLSF&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
51ea27ad151cf652c9c715f857d79788571e9b507aee2d39c650c8c524bd2e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:54 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31265293
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
159988
expires
Wed, 22 Feb 2023 15:54:08 GMT
img
pix.eu.criteo.net/img/ Frame E3C5 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1183391-_x600-nocrop.jpg&v=3&w=800&s=D60J3BYWg9RG0KoL0-ene5yw&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
07b43331e6b2ecf07b979f066b7246ba0ca5e7d6c6bd3046628045ff72f41ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31216291
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
202502
expires
Wed, 22 Feb 2023 02:17:28 GMT
img
pix.eu.criteo.net/img/ Frame E3C5 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1181012-_x600-nocrop.jpg&v=3&w=800&s=RfNDuUlADVi4_mqkT2Ep2ty3&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9dcf84784d9d584b2f4a3a244fd4124d6939bf424150c01b5e038f055b54b833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31241582
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
115898
expires
Wed, 22 Feb 2023 09:18:59 GMT
all
csm.eu.criteo.net/ Frame E3C5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=YUyyncNjIKp-27jdJ90YJwsuWIJ7TE8SFKDOOYggrTv_DDc4ex3lqBLcCbZf8J4LWaZx65Z49gBvOdcMU_ekF2i8UXwBAB8h5H_xKdwHCx934VCmFr-mP3o5r-L6lRz__O7f3ciyvWCu5ulW4eilmWg8o8Ny43ec_mymEa7EpEXGMaFjjT7C9UisesplXXyMaYLNeotvEnl7h3iXSuXskpxSLwkmA3tBvZbQOEGvfjlT_kteTjeTnNMo5dt-EdnLiihxYg&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:05:56 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E3C5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E3C5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F4AE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame F4AE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F4AE 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 20 Feb 2023 19:05:56 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame F4AE 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 20 Feb 2023 19:05:56 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame F4AE 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=jfWl9QHbIRnoGeKlU3uCLY8ITtPSk7mv0O2lN9fxg3XgYPFVbIJLBSQ1gG5mYW0AxvJ4UdZE1Uk0yAOvxK3WxQYPj7g3ypa_xiSfLFfVXDzyVoqMeMHlQysX-nuOZ5KRlvx0LAzSida4Cg3JnZuYyCRCt0QpDF6rtk5_BArrJfhxuuD6uI8nEe2huC_QJvoAk5TQ7lWS1kgnQ2FW0dO2HDvT0RVZz69n9SRlGj4HXMs3dggGs1tyFI6SHDAN0XpsZ9g886YENNZfFr5FEJ2amYNYFhN2Nue-O8gvBiVgTbv1o98D5-ltyEijxAuRdy16OyENA2Xof7G-kjhZyVf86X51Cp5owhmh8C563a8seQjIbpqvEFgzTrfgQIN09kSb1v42OTh0worHZrMrQJAgbn38qNb18kOw7kWnL8f8QSTsuX5jHPgdHCp1JYXUP6nIFodq8dM-P_wm98CkS0R0y9zNmJw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2895424
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/43512/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:24 GMT
server
nginx
etag
W/"62039784-702f"
vary
Accept-Encoding
x-cached-since
2022-02-17T15:14:06+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Feb 2023 15:14:06 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/43512/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:25 GMT
server
nginx
etag
W/"62039785-a793"
vary
Accept-Encoding
x-cached-since
2022-02-25T12:10:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 26 Feb 2023 12:10:56 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/43512/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:17 GMT
server
nginx
etag
W/"6203977d-326c"
vary
Accept-Encoding
x-cached-since
2022-02-25T12:10:58+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 26 Feb 2023 12:10:58 GMT
182f2d74c34963cea11e.b.js
cdn.admixer.net/scripts3/43512/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/182f2d74c34963cea11e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:09 GMT
server
nginx
etag
W/"62039775-2a79"
vary
Accept-Encoding
x-cached-since
2022-02-17T15:14:06+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Feb 2023 15:14:06 GMT
631117330f3e56489daa.b.js
cdn.admixer.net/scripts3/43512/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/43512/631117330f3e56489daa.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 10:29:14 GMT
server
nginx
etag
W/"6203977a-3594f"
vary
Accept-Encoding
x-cached-since
2022-02-17T15:14:06+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Feb 2023 15:14:06 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=c9946af36a2a46eb98a9c9f5e1815abe&zone=DAB6BE62-B1E7-4D05-A12C-0A70B3291504&device=6&rule=A115463E-E95D-4D45-91E3-2BE636EF4375&requestId=43fccb8f-f568-46f7-b635-c8df21bb3f0e&hp=-967666016&page=www.buhoblik.org.ua%2F&segments=2%2C6%2C496&ts=637814127562176286&ap=MA%3D%3D&asign=-903884433&sync=80%2C3%2C98%2C96&bt=3&carr=Core-Backbone&connt=1&devt=4&isapp=0&os=Android&osv=11&adtype=0&extpubid=1A4D80BD-B81F-427C-A6F6-12DD363AA495&inst=ADS-EU-7&pxl=0&pvid=3f9b07a3-d8cb-4f9b-b2ab-54d9ab665f38&ip=82.199.130.41&item=7820189B-C54F-4826-BC54-07F445CA7CB2&crid=7820189B-C54F-4826-BC54-07F445CA7CB2&size=350x240&profile=4D635110-335E-4D1A-8435-0328A1BBDC04&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=24&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 19:05:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
um
u-ams02.e-planning.net/ Frame 2BEA
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Daca622f3d168ad40
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Dc5c5ac99-c4...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Dc5c5a...
  • https://u-ams02.e-planning.net/um?uid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&dc=0abbcb4eba840e59&fi=aca622f3d168ad40
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&dc=0abbcb4eba840e59&fi=aca622f3d168ad40
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?uid=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&dc=0abbcb4eba840e59&fi=aca622f3d168ad40
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
prebid
rtb.openx.net/sync/ Frame 2BEA 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Daca622f3d168ad40%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:56 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
62np8nu3uuo6geva6vl56nq15g1njp59
ptag
a.audrte.com/ Frame 2BEA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 2BEA 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 24 Feb 2027 19:05:56 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2BEA
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Daca622f3d168ad40
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 25 Feb 2022 19:05:57 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 2BEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Daca622f3d168ad40%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aca622f3d168ad40&uid=1177295049587875137
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aca622f3d168ad40&uid=1177295049587875137
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
20fa371e-df5f-4aea-995d-8c365f62cc26
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=aca622f3d168ad40&uid=1177295049587875137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F4AE 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1988012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F99NTiEkPFOprxrQRZ1QM%2BphgVwCO%2FDCbowPOHjvCFUBWsFhvQ0T74dxC1LTlTFOQAfm%2Fa6sIXAQC5YokAv2q2EM1NAo142%2F%2BG8jdJoWaZF3VOHXEIt9uz2T2tLafdIU2W3zZ%2BmP2X42XetLzpj2O4O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e3335438d87e618-LHR
expires
Wed, 15 Feb 2023 19:05:57 GMT
animejs.js
static.criteo.net/animejs/ Frame F4AE 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:56 GMT
share-counter.html
w.uptolike.com/widgets/v1/ Frame 3BE8 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Fri, 25 Feb 2022 19:35:57 GMT
Content-Encoding
gzip
impression.html
w.uptolike.com/widgets/v1/ Frame CE44 		1023 B
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Fri, 25 Feb 2022 19:35:57 GMT
Content-Encoding
gzip
css
fonts.googleapis.com/ Frame 7111 		5 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
def453926bf1e0d62bf8a4cf5c409dd333a049f547e470a509cc738bede438c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 18:22:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 19:05:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 19:05:57 GMT
bootstrap.min.css
tlgr.org/css/ Frame 7111 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/bootstrap.min.css?3
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 01 Mar 2022 19:05:57 GMT
telegram.css
tlgr.org/css/ Frame 7111 		108 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/telegram.css?215
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
36a8cc71b8c024b285afdf588deb67f2f3ae0b44bb438c65bb9b62a1247c3e3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 01 Mar 2022 19:05:58 GMT
csync
sync.console.adtarget.com.tr/ Frame CB07
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dal1VIFarWhMb20JIVmp&pi=admatic
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7C6C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=76301
expires
Sat, 26 Feb 2022 16:17:38 GMT
date
Fri, 25 Feb 2022 19:05:57 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 1D2D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7800:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Wed, 23 Feb 2022 09:32:21 GMT
x-amz-version-id
ipecrF9lx7iS7_rfinW1Z6xUgkZqa9cH
server
AmazonS3
content-encoding
br
date
Fri, 25 Feb 2022 17:32:24 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KDnMRjLOoafA7hfyoJvfA2HsbqzFaeJO0ifhhNw4twIGLOmswcJXOg==
age
5614
csync
sync.console.adtarget.com.tr/ Frame 2E8E 		0
0
csync
sync.console.adtarget.com.tr/ Frame E54E 		0
0
cookie
cm.adform.net/ Frame 1DEC 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=712122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
image/gif
content-length
43
csync
sync.console.adtarget.com.tr/ Frame 53F7 		0
0
csync
sync.console.adtarget.com.tr/ Frame 4013 		0
0
csync
sync.console.adtarget.com.tr/ Frame 63CD 		0
0
csync
sync.console.adtarget.com.tr/ Frame 63CD 		0
0
css
fonts.googleapis.com/ Frame E3C5 		2 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fe833c23075cb21c9eef60d0e819155ad9521ffd91998d3ce116b669e946bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 18:15:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 19:05:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 19:05:57 GMT
usync.html
eus.rubiconproject.com/ Frame 4EC5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"40014-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 25 Feb 2022 19:05:57 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Fri, 25 Feb 2022 19:05:57 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD78 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=76301
expires
Sat, 26 Feb 2022 16:17:38 GMT
date
Fri, 25 Feb 2022 19:05:57 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame E129 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2aae5c7ebe833368b30ffc888cc34827b1b6629be3d882c695ab0608b1802745

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|39|241|51|4|152|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 25 Feb 2022 19:05:57 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Length
1596
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 669D 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
M
cf4age
0
x-cf-tsc
1641922228
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fA.cdg1:co:1585621119:cacheB.cdg1-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 4BEF 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 472B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a43e51299d6c00a7f3008fad41c177df63f2ac771b147b0a6b2100161a4586

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e33354429b288bc-LHR
content-encoding
br
icomoon.woff
w.uptolike.com/static/buttons/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Referer
https://www.buhoblik.org.ua/
Origin
https://www.buhoblik.org.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Last-Modified
Wed, 16 Aug 2017 14:30:13 GMT
Server
nginx
ETag
"599456f5-23b8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9144
Expires
Sat, 21 May 2022 07:57:01 GMT
img
pix.eu.criteo.net/img/ Frame F4AE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=cJzrnephzXW9iVv6c44m7p2v
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31078557
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11345
expires
Mon, 20 Feb 2023 12:01:54 GMT
img
pix.eu.criteo.net/img/ Frame F4AE 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1541277-_x600-nocrop.jpg&v=3&w=800&s=Tipv65uaMbL7n9Blvz449O2g&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7a1934a4f985460636c5c11f3594f3d1eaeec946c181629463bd7c6fe8b83c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31347730
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
97842
expires
Thu, 23 Feb 2023 14:48:07 GMT
img
pix.eu.criteo.net/img/ Frame F4AE 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F2075403-_x600-nocrop.jpg&v=3&w=800&s=iZwUwAAnFHcFdYeZvNExjMDr&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
db3f8c106db649397b8741340fd881b1a555442d3084fab0eee2f6077c854b83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31268699
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
43448
expires
Wed, 22 Feb 2023 16:50:56 GMT
img
pix.eu.criteo.net/img/ Frame F4AE 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1184687-_x600-nocrop.jpg&v=3&w=800&s=_cqC50lpvICDOJudsxK8WlyY&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4a917cbd424303e1b6d60dc0184972732a71937e7897c62989ed366984dbc6ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31238843
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
67276
expires
Wed, 22 Feb 2023 08:33:20 GMT
all
csm.eu.criteo.net/ Frame F4AE 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=DMPUecNjIKp-27jdVJHZXF-Xngkr7f5mTBpqjTf-083RKmQw5g49H3FNPRWGlp_lQqAONI8kIU3jAixUwDElLKzXUGWhHqGdjGzyWQqaY2h3rb19VFH-WNSvfy084gHMr0jflWpYDzBN3whqlG-HyD2xmdDZ8EJpSHkg54tCiDeqkgQCbLK895NiZQAFBGTqahMed7CEhmpVafWc73FstIiIs_PBmc7BisaJNo-rrOUzgaG-msaFTzJw1STJQTOOkBf57g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:05:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F4AE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F4AE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 19:05:57 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame 326E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5630956766216465&output=html&h=280&slotname=9722638899&adk=717558426&adf=3992750170&pi=t.ma~as.9722638899&w=336&lmt=1645815954&psa=0&format=336x280&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645815957821&bpp=2&bdt=744&idt=234&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7601375539490&frm=20&pv=1&ga_vid=104275366.1645815958&ga_sid=1645815958&ga_hid=287414095&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065252%2C31062931&oid=2&pvsid=3479310038249509&pem=828&tmod=878799765&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vsTZsVWvho&p=https%3A//www.buhoblik.org.ua&dtd=238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 16:50:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Feb 2023 16:50:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FCED 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15950526&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6424d4f142db78c4c986f276dbb6eb8be9886282c0239a8e8d9cda3f00a9ffeb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame E3C5 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:32:04 GMT
x-content-type-options
nosniff
age
171233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11340
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:32:04 GMT
img
pix.eu.criteo.net/img/ Frame E3C5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=cJzrnephzXW9iVv6c44m7p2v
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31078557
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11345
expires
Mon, 20 Feb 2023 12:01:54 GMT
usync.js
eus.rubiconproject.com/ Frame 1B45 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
208aedb9771b0e9279ae44de1b2c16711e0fb18425b88790313b19cc3d8e1dfc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-encoding
gzip
last-modified
Thu, 17 Feb 2022 19:52:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=31615
content-type
text/html; charset=UTF-8
content-length
9759
expires
Sat, 26 Feb 2022 03:52:52 GMT
css
fonts.googleapis.com/ Frame F4AE 		2 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fe833c23075cb21c9eef60d0e819155ad9521ffd91998d3ce116b669e946bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 18:21:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 19:05:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 19:05:57 GMT
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame E3C5 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:32:12 GMT
x-content-type-options
nosniff
age
171225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11540
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:32:12 GMT
usync.js
eus.rubiconproject.com/ Frame 4EC5 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
208aedb9771b0e9279ae44de1b2c16711e0fb18425b88790313b19cc3d8e1dfc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-encoding
gzip
last-modified
Thu, 17 Feb 2022 19:52:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=31615
content-type
text/html; charset=UTF-8
content-length
9759
expires
Sat, 26 Feb 2022 03:52:52 GMT
getuid
ib.adnxs.com/ Frame 472B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 472B 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=cbece377-c25c-4789-a956-26f96151f013&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=cbece377-c25c-4789-a956-26f96151f013&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e333547783388bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=cbece377-c25c-4789-a956-26f96151f013&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 472B 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D0...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D0...
  • https://mwzeom.zeotap.com/mw?cid=bbb5af77-8ea4-4fc9-90b8-7526b9721ab5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=bbb5af77-8ea4-4fc9-90b8-7526b9721ab5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e333547580288bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=bbb5af77-8ea4-4fc9-90b8-7526b9721ab5&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 472B 		0
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-vcl-time-ms
38
date
Fri, 25 Feb 2022 19:05:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1645815958.107744,VS0,VE38
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-icn1450064-ICN
u
dmp.v.fwmrm.net/ad/ Frame 472B 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f606:2bad:1cf:7b7b:1af Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:58 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 472B 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=b64d5f46-ffe7-4f40-9c98-7a485e032534&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b64d5f46-ffe7-4f40-9c98-7a485e032534&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e333547783b88bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=b64d5f46-ffe7-4f40-9c98-7a485e032534&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=820cc4a1-03b6-492e-480d-5ebb6517d89b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=820cc4a1-03b6-492e-480d-5ebb6517d89b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=63985929241775489452071687403370720383&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=63985929241775489452071687403370720383&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e333547b8a388bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v028-09d666913.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BxKVRedgTnA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=63985929241775489452071687403370720383&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 472B 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=820cc4a1-03b6-492e-480d-5ebb6517d89b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022022520-20670-0.686161001645815958-99825aba5a952277a87ad57c0713f4b2&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022022520-20670-0.686161001645815958-99825aba5a952277a87ad57c0713f4b2&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e333547a88b88bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022022520-20670-0.686161001645815958-99825aba5a952277a87ad57c0713f4b2&zdid=533&env=mWeb
Date
Fri, 25 Feb 2022 19:05:58 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7068725710564620433&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7068725710564620433&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e333547580088bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7068725710564620433&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 472B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=820cc4a1-03b6-492e-480d-5ebb6517d89b
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=820cc4a1-03b6-492e-480d-5ebb6517d89b
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=820cc4a1-03b6-492e-480d-5ebb6517d89b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=820cc4a1-03b6-492e-480d-5ebb6517d89b
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=820cc4a1-03b6-492e-480d-5ebb6517d89b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=820cc4a1-03b6-492e-480d-5ebb6517d89b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=akOr4e8nVpretqmN7op3ue&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-44...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=akOr4e8nVpretqmN7op3ue&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e3335486a1788bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
last-modified
Fri, 25 Feb 2022 19:05:57 GMT
server
nginx/1.18.0
location
https://mwzeom.zeotap.com/mw?webouuid=akOr4e8nVpretqmN7op3ue&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 472B 		36 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=820cc4a1-03b6-492e-480d-5ebb6517d89b&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.104 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=820cc4a1-03b6-492e-480d-5ebb6517d89b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=820cc4a1-03b6-492e-480d-5ebb6517d89b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=7531a24999b680d598936a31e2a3ff15&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=7531a24999b680d598936a31e2a3ff15&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e3335498c2188bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=7531a24999b680d598936a31e2a3ff15&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
cache-control
no-cache
x-server
10.45.7.208
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-f4bV9dpE2opsRrG.TuC7IvNy3bI.0yRV3w--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-f4bV9dpE2opsRrG.TuC7IvNy3bI.0yRV3w--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e3335492b5c88bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 25 Feb 2022 19:05:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-f4bV9dpE2opsRrG.TuC7IvNy3bI.0yRV3w--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI60u%2F0BkJmFD5sNlV6cFP%2Fp%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI60u%2F0BkJmFD5sNlV6cFP%2Fp%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e3335492b6888bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=YtLEkm4VeI60u%2F0BkJmFD5sNlV6cFP%2Fp%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame 472B 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.30.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-30-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1645815957
x-served-by
beacon-n022-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 472B 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=820cc4a1-03b6-492e-480d-5ebb6517d89b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 472B 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645815958.748791,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4043-HHN
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=0a326219-2895-4400-a64b-e3198aebe87a&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0a326219-2895-4400-a64b-e3198aebe87a&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e3335497c0188bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
MT3 4172 645ee8c master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=0a326219-2895-4400-a64b-e3198aebe87a&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 25 Feb 2022 19:05:56 GMT
usermatch.gif
beacon.krxd.net/ Frame 472B
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
52.214.30.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-30-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1645815958
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
date
Fri, 25 Feb 2022 19:05:58 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 472B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=820cc4a1-03b6-492e-480d-5ebb6517d89b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=820cc4a1-03b6-492e-480d-5ebb6517d89b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=820cc4a1-03b6-492e-480d-5ebb6517d89b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:58 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
46W8VGV9Y14TR72HCR84
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:58 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8A1ZWAR21QKCKB0MMHMX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=820cc4a1-03b6-492e-480d-5ebb6517d89b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 472B 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=820cc4a1-03b6-492e-480d-5ebb6517d89b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:58 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 472B
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6e33354a5d9288bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
date
Fri, 25 Feb 2022 19:05:58 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 472B 		557 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f8341b02568f0c21ecb4d8bfaea05b0308bc5ec1867d3d7f265107ae3002c11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

cf-ray
6e333545bcc288bc-LHR
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Fri, 25 Feb 2022 19:05:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
widgets-batch.js
w.uptolike.com/widgets/v1/ Frame 3BE8 		453 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTQzNTQ5MyUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJ1aG9ibGlrLm9yZy51YSUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1645815959431244
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
40529330c6cdcd0c00f51554bbe60f0efb95e6d861f9e82f5a8e1accaecc7460

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 28 Jan 2022 08:03:17 GMT
uu
ih.adscale.de/ Frame 1D2D
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1645815959
  • https://ih.adscale.de/uu?cbfn=receive&t=1645815959&nut&uu=b8c55fcbcbf94b47950c293cf7ca6cc2
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1645815959&nut&uu=b8c55fcbcbf94b47950c293cf7ca6cc2
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d1cfb6f2358c0dbfe90adc4d94ed03725ce84de91cef3778ce0696c19de9c8a6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1645815959&nut&uu=b8c55fcbcbf94b47950c293cf7ca6cc2
date
Fri, 25 Feb 2022 19:05:57 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E129 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YhkolIiGO-verl-gglINwQAAApwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E129
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YhkolIiGO.verl.gglINwQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGigl7PIg2LFHk9cqdMfYO8&google_cver=1&gdpr=1&google_hm=2
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGigl7PIg2LFHk9cqdMfYO8&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 19:05:57 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGigl7PIg2LFHk9cqdMfYO8&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E129 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame E129
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhkolIiGO-verl-gglINwQAAApwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhkolIiGO-verl-gglINwQAAApwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhkolIiGO-verl-gglINwQAAApwAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2R3BJG9FQEKKVJ5RBX7D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MBYJ6WSPSDKSS23WTJTC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YhkolIiGO-verl-gglINwQAAApwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame E129 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.234.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-234-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame E129
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3244929989922712878
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3244929989922712878
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 19:05:57 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3244929989922712878
pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E129
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1ff8a76c-f2ab-4621-868b-4fa3c871ad1b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1ff8a76c-f2ab-4621-868b-4fa3c871ad1b
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 19:05:58 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:58 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1ff8a76c-f2ab-4621-868b-4fa3c871ad1b
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
noop
px.owneriq.net/ Frame E129
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6991023571048765491&uid=Q6991023571048765491&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame E129 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=aca622f3d168ad40&uid=YhkolIiGO.verl.gglINwQAA%26668
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
server
openresty
content-type
image/gif
imp
w.uptolike.com/widgets/v1/ Frame CE44 		0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.uptolike.com/widgets/v1/imp?pid=1435493&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&vp=18406a76-ab35-4366-95f5-c4154d04862d&ttl=JUQwJTkxJUQxJTgzJUQxJTg1JUQxJTgzJUQxJTg3JUQwJUI1JUQxJTgyJTIwJUQwJUIyJTIwJUQwJUEzJUQwJUJBJUQxJTgwJUQwJUIwJUQwJUI4JUQwJUJEJUQwJUI1JTIwJTNBJTIwJUQwJTkxJUQxJTgzJUQxJTg1JUQwJUIzJUQwJUIwJUQwJUJCJUQxJTgyJUQwJUI1JUQxJTgwJUQxJTgxJUQwJUJBJUQwJUI4JUQwJUI5JTIwJUQwJUI4JTIwJUQwJUJEJUQwJUIwJUQwJUJCJUQwJUJFJUQwJUIzJUQwJUJFJUQwJUIyJUQxJThCJUQwJUI5JTIwJUQxJTgzJUQxJTg3JUQwJUI1JUQxJTgy&rnd=0.7432468426142507
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
img
pix.eu.criteo.net/img/ Frame F4AE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=cJzrnephzXW9iVv6c44m7p2v
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31078556
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11345
expires
Mon, 20 Feb 2023 12:01:54 GMT
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame F4AE 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:32:04 GMT
x-content-type-options
nosniff
age
171233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11340
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:32:04 GMT
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame F4AE 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:32:12 GMT
x-content-type-options
nosniff
age
171225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11540
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:32:12 GMT
match
c1.adform.net/serving/cookie/ Frame 6756
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 25 Feb 2022 19:05:57 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
usersync.aspx
dis.criteo.com/dis/ Frame 3E54 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 25 Feb 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
531418
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame 2F17
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=331010996556342211
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=331010996556342211
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:56 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug003:0:451
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=331010996556342211
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8CEA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug025:0:667
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4172 645ee8c master zrh-pixel-x28 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
Expires
Fri, 25 Feb 2022 19:05:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2172
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7068725710564620427
42 B
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7068725710564620427
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug029:0:404
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 25 Feb 2022 19:05:57 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7068725710564620427
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 3473 		0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
Varnish
retry-after
0
accept-ranges
bytes
date
Fri, 25 Feb 2022 19:05:57 GMT
via
1.1 varnish
x-served-by
cache-hhn4043-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1645815958.575334,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5C9F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQowcZxqR0xtety9fhJTbFLHgik
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQowcZxqR0xtety9fhJTbFLHgik
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:58 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug005:0:533
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 25 Feb 2022 19:05:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQowcZxqR0xtety9fhJTbFLHgik
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame C451
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
108 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug024:2:358
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 25 Feb 2022 19:05:57 GMT
server
_
adx
match.prod.bidr.io/cookie-sync/ Frame A29F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGYUNrN0VNbEVBQUFJWm9wYzl0UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.253.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-253-251.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 25 Feb 2022 19:05:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 25 Feb 2022 19:05:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pub
matching.truffle.bid/sync/ Frame A8FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.4
Date
Fri, 25 Feb 2022 19:05:57 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 1D35 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-9
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 9931
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e3335482e4171a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
9
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e333546dc0e71a5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookiesync
core.iprom.net/ Frame 4E21 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
erebus-e4c7b390144b@version_1.375
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
1ms
Date
Fri, 25 Feb 2022 19:05:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1957
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1645815957600
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3512712254
  • https://sync.1rx.io/usersync/tradedesk/b4601307-57d2-4990-b1d9-9b5e4e0f1f26
  • https://sync.targeting.unrulymedia.com/csync/RX-ac6aae25-0e72-45b3-a444-c79b10316345-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ac6aae25-0e72-45b3-a444-c79b10316345-003
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ac6aae25-0e72-45b3-a444-c79b10316345-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:58 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug009:0:480
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 25 Feb 2022 19:05:58 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ac6aae25-0e72-45b3-a444-c79b10316345-003
etag
RXac6aae250e7245b3a444c79b10316345003
dpe
ad4m.at/ad/ Frame 103E 		15 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
max-age=43200, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
age
278871
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6e3335475b9d892a-LHR
Pug
image2.pubmatic.com/AdServer/ Frame 286A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=VkPvWFM6cK6IXAEDZNLvYYg5
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=VkPvWFM6cK6IXAEDZNLvYYg5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug002:0:314
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 25 Feb 2022 19:05:57 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=VkPvWFM6cK6IXAEDZNLvYYg5
strict-transport-security
max-age=0; includeSubDomains;
csync
sync.adtelligent.com/ Frame B144 		0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
VertaMedia 1.0
Date
Fri, 25 Feb 2022 19:05:58 GMT
Content-Length
0
Etag
dcbd082880b8dba4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GV7N1uXhRn2lZjuP3lGxVw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76301
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 26 Feb 2022 16:17:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8c76219-2895-4400-8537-827dfd3887db
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8c76219-2895-4400-8537-827dfd3887db
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
MT3 4172 645ee8c master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8c76219-2895-4400-8537-827dfd3887db
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Feb 2022 19:05:56 GMT
/
spl.zeotap.com/ Frame FCED
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=195ECDD6-E5E1-467D-A566-3B8FDE51B157
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7531a24999b680d598936a31e2a3ff15
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=b4601307-57d2-4990-b1d9-9b5e4e0f1f26&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8337d36e4c24a2b6c1c295a5c8c6319f
  • https://spl.zeotap.com/?zdid=1332&zcluid=cb4342c2ddfde958
95 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=cb4342c2ddfde958
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6e33354d9c7b88bc-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=cb4342c2ddfde958
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTk1RUNERDYtRTVFMS00NjdELUE1NjYtM0I4RkRFNTFCMTU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:355
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEzhFAxfGR-1eoiUpIeokEM&google_cver=1
42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEzhFAxfGR-1eoiUpIeokEM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:333
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEzhFAxfGR-1eoiUpIeokEM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FCED 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 24 Feb 2022 19:05:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7765723041879162743
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7765723041879162743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug028:0:742
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7765723041879162743
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4601307-57d2-4990-b1d9-9b5e4e0f1f26
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4601307-57d2-4990-b1d9-9b5e4e0f1f26
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:457
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4601307-57d2-4990-b1d9-9b5e4e0f1f26
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1177295049587875137&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1177295049587875137&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:376
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
16a7638f-5ad3-4458-9cbf-5461eb0e3acc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1177295049587875137&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HOUsihjvJIYH7inSSLIwhE7hfoQH7i2FGLUQBQ-n
42 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HOUsihjvJIYH7inSSLIwhE7hfoQH7i2FGLUQBQ-n
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 14:41:57 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0023:0:308
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HOUsihjvJIYH7inSSLIwhE7hfoQH7i2FGLUQBQ-n
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
195ECDD6-E5E1-467D-A566-3B8FDE51B157
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FCED 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/195ECDD6-E5E1-467D-A566-3B8FDE51B157?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:550:4075:c055:f9b4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AT.iw6lE2uXeT4HiAiFKWpFAqyfM3OQ-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AT.iw6lE2uXeT4HiAiFKWpFAqyfM3OQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AT.iw6lE2uXeT4HiAiFKWpFAqyfM3OQ-~A&gdpr=0&gdpr_consent=
date
Fri, 25 Feb 2022 19:05:57 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c64d842a-61a4-4f60-94d2-59680be6a474
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk875ab135-ed62-46ca-823a-f6263e5401d6&expires=7&user_group=5&ssp=pubmatic&bsw_param=c64d842a-61a4-4f60-94d2-59680be6a474
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&gdpr_consent=&gdpr_pd=
1 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug029:0:452
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c64d842a-61a4-4f60-94d2-59680be6a474&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 25 Feb 2022 19:05:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2884923494709783854&gdpr=0&gdpr_consent=&us_privacy=
1 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2884923494709783854&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:868
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2884923494709783854&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ade80291-506b-48f2-b3f9-431276e0e4ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ade80291-506b-48f2-b3f9-431276e0e4ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug030:0:482
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ade80291-506b-48f2-b3f9-431276e0e4ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame FCED 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:408
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FCED
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1177295049587875137
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1177295049587875137
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug029:0:486
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:58 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
389f8177-5831-4869-96ff-cc87d2457853
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1177295049587875137
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1B45 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 4EC5 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
cmp
spl.zeotap.com/ Frame 472B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e3335464de988bc-LHR
extra.js
w.uptolike.com/widgets/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/extra.js?rnd=0.23313659975903644
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e6972fe2e229ab6115456a139aa95cd8ba67c16ff866efcc1bd6e0cce6407c91

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Fri, 28 Jan 2022 08:03:17 GMT
watch.js
mc.yandex.ru/metrika/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c1922061e01300c6b8d0e9a9dbc638c2eb7b2f5cf9e7690791bf7be4dd8733d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-c3d1"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
50129
expires
Fri, 25 Feb 2022 20:05:57 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 2BEA 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 01:25:09 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
63650
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
dHqK-e32--jf-107bhDPSH1CoAmJi_Jauk9Y8s62PEwE1WxojKE9Wg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 26A3 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 24 Feb 2027 19:05:57 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.adtelligent.com/ Frame 4173 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AF57iPnwDoRVzUsH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Fri, 25 Feb 2022 19:05:58 GMT
Content-Length
0
Etag
b54df8518b8b7123
GS.d
js.cookieless-data.com/ Frame 26A3 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1645815959699
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.83.160.162 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-83-160-162.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:57 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
userconnect.js
js.adscale.de/ Frame 1D2D 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7800:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-amz-version-id
E3f4fnDzYQuR6tv4jJsHHlW.gMOxmlV_
content-encoding
br
last-modified
Wed, 23 Feb 2022 09:32:21 GMT
server
AmazonS3
age
5614
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 25 Feb 2022 17:32:24 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
TKI6fHF-Pm_GLYhfXgNyXfEDSasQT41C-NImmK2GZ569CLWraWHnUg==
csync
sync.console.adtarget.com.tr/ Frame 1D2D 		0
0
/
jaclick.ru/plus1/ 		0
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jaclick.ru/plus1/
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.23313659975903644
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.109.14.161 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta1007.ru
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Last-Modified
Friday, 25-Feb-2022 19:05:57 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
/
grsync.ru/cdn/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grsync.ru/cdn/
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.23313659975903644
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.63.105.49 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta1010.ru
Software
nginx/1.13.12 /
Resource Hash
37024e91b4aeb0afb865f6fc5fd3fb99d0738ac8afc05c5b3fb15503b72bb642
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Friday, 25-Feb-2022 19:05:57 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
smart.js
static.tnsis.ru/c82up/ 		172 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tnsis.ru/c82up/smart.js
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.23313659975903644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
33f9b37b3d213f4a58930a3fa37c70bf2aa96478c2a82862d7bbe25e1452f11f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
mode
no-cors
server
nginx/1.20.1
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
collect_stat.js
af.click.ru/ 		621 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://af.click.ru/collect_stat.js
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.23313659975903644
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.197.112.80 Moscow, Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS
seopult.ru
Software
nginx /
Resource Hash
35c77074524fa5705ce81fb0cea86d0ec3af63e64d8219d9722e8b947d09323f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:57 GMT
Last-Modified
Mon, 17 Jan 2022 12:43:51 GMT
Server
nginx
ETag
"61e56487-26d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
621
sync.php
pixel.rubiconproject.com/exchange/ Frame 1B45 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4EC5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
userconnect
ih.adscale.de/ Frame 1D2D 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1645815959815&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-length
149
content-type
application/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame 8F67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfGKOLM3lDjFihZp9StiwUWUDyBRQiLwto2bYDohaYklijIlFY_74X1K6LQq5VbZFpMAFGe8oIp5WRM8ffmBPW&sig=Cg0ArKJSzPqTESieptxJEAE&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3078983205&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645815958034&rpt=780&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
ih.adscale.de/ Frame 0B60 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b248eb55fe8b7dcbc9b631a7eb4fbd1bb7ccfcdf0892f5ac230ce5ffd53ed92e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Fri, 25 Feb 2022 19:05:57 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9560.XKb3nfBXlru0q-Nrsukpc2KnsJVR-6K2mvagUCLkkIh_k9yjgu4CcCAFCZlqQq90.C5AnohmGQWz-QUPCQoxny4g_Vqw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9560.NKnCRd8eIwWSLaaIJ3FOc2PxtTrOEcKM373tmgHdf0Zh6XuNRAW3fLOWA4yo_qC6bp7kMTx3thTvxBBSnYozjw%2C%2C.Q5-BIAhbHRoH8bMT6GV-E5Akh8E%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9560.NKnCRd8eIwWSLaaIJ3FOc2PxtTrOEcKM373tmgHdf0Zh6XuNRAW3fLOWA4yo_qC6bp7kMTx3thTvxBBSnYozjw%2C%2C.Q5-BIAhbHRoH8bMT6GV-E5Akh8E%2C
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9560.NKnCRd8eIwWSLaaIJ3FOc2PxtTrOEcKM373tmgHdf0Zh6XuNRAW3fLOWA4yo_qC6bp7kMTx3thTvxBBSnYozjw%2C%2C.Q5-BIAhbHRoH8bMT6GV-E5Akh8E%2C
date
Fri, 25 Feb 2022 19:05:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
match.js
js.adscale.de/ Frame 0B60 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7800:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2457f1105373752b385b0c0263ce46b21d60c9aa05ecbf30c150543d6c23ebb5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-amz-version-id
wFCIaxqzFhzmkgPh8kSpcYtCILV.SPPV
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 09:32:21 GMT
server
AmazonS3
age
5614
etag
W/"c5b02d77a0a14517ae6436b36ad52878"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 25 Feb 2022 17:32:30 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tgHxSCU5Qf9bMV2zGM_sOpaLXOXA3b2MYTAFjs2OwPpVxsWPfgYixg==
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 25 Feb 2022 20:05:58 GMT
all
csm.eu.criteo.net/ Frame E3C5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=YUyyncNjIKp-27jdJ90YJwsuWIJ7TE8SFKDOOYggrTv_DDc4ex3lqBLcCbZf8J4LWaZx65Z49gBvOdcMU_ekF2i8UXwBAB8h5H_xKdwHCx934VCmFr-mP3o5r-L6lRz__O7f3ciyvWCu5ulW4eilmWg8o8Ny43ec_mymEa7EpEXGMaFjjT7C9UisesplXXyMaYLNeotvEnl7h3iXSuXskpxSLwkmA3tBvZbQOEGvfjlT_kteTjeTnNMo5dt-EdnLiihxYg&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABkS8Iu8pcAAVzrQ5a-oSaJ1_JgO8ZYg&u=%7C9DNl%2FNZD8EwjI%2FPvYlUzI9T2KYJvsER74BBhRFSCPjQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxmKns7mQVDO43o3WyRS9RBeklJ1OOpQ44wZOWNyASwR77FacyA5dO-6hAJeff7TTFuH77gxU6ZcIHX_RSRnc2Vnvr7_4_7jf2oC6ojf-YuFne3mUFiQm8mhN0Yz7ociZyCg-dFoJ6w9zQOnQIUw8VF_5mS2bjgaQS6oFO6e66Pkl068K005ljAnAi2JKEoNw0sIp_7hIXb105l9NkrUloaOOVbaOiIUOGnP69Uy3ywPfY4Zs04qGBSgpOin617pFwB0rJ-pARt_b3fH0PP_ksNh9T7XbbeUoE1fkJuNmqC0DtELOTWalhiKIAzG8ue5OGUTDDMMBvvSH0rVLVbViEk5x58HQHo3y2dkC5t903AsD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXvjslCgZYq-iBtyU7_UPreeVgAPJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTYzMDk1Njc2NjIxNjQ2NaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTgAU_QHUPWBuFEnxw0wKviLJAwPumTYp-VLRFnp4_OF_Njgdl98K2D_RmWNB6OUQSxIsxDD-wZpDBHlHLvsE1JJLXB5SJCBN-cd9x0HmZj5YtHJn1AYXTF5od2fk5JMuSOrbsulw4g2nwW3Mq7sSr73Icpc0PE06LJNcAPdrPViUpnXzbBFpJqaaIU3dvWSbXaUr239_PEMQrCWufEtpEiV7-yo7J3k1y0B3xmLjGL-v81w44rfBMjPMjaka_c4t4ycdLDeFHhl3e8fh3R993QOQ4YoHTis9YYew4nToirj-3CgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08xzuAhvtDMHtRyrU0O4mBIFu4yw%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:05:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
HLR3.js
umagnet.ru/cli/cdn/ 		113 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://umagnet.ru/cli/cdn/HLR3.js
Requested by
Host: static.tnsis.ru
URL: https://static.tnsis.ru/c82up/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
d55d7104a0d0ff35d25e1a137a9aab4df566ceb08866807e019434ac45bcc704

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
mode
no-cors
last-modified
Tue, 04 Jan 2022 20:05:26 GMT
server
nginx/1.20.1
etag
"61d4a886-1c309"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
115465
img
ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/ Frame 0B60
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=b8c55fcbcbf94b47950c293cf7ca6cc2&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=101&tpuid=BBID-01-03205299582133562-16535160
49 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=101&tpuid=BBID-01-03205299582133562-16535160
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 25 Feb 2022 19:05:58 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=101&tpuid=BBID-01-03205299582133562-16535160
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
/
m.aliexpress.com/ Frame 7BC9
Redirect Chain
  • https://s.click.aliexpress.com/e/_9i9ptp
  • https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=...
  • https://www.aliexpress.com/?aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974...
  • https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9p...
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Requested by
Host: grsync.ru
URL: https://grsync.ru/cdn/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
e2cd8a1e5b85cfa69fc04b46ffbf11536afad6e6080e9bf008a0f557cda23c88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

content-type
text/html;charset=UTF-8
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-application-context
ae-msite:prod,us:7001
analyticdomain
ae.mmstat.com
pageid
48b89ad4-7e8d-417a-a149-808a51f8fd44
privacystatus
2
resin-trace
ali_resin_trace=cv=1|aeu_cid=1993170147e24dad9ae3f0bf97b0a66a-1645814856096-08306-_9i9ptp|tp1=|ws_ab_test=|af=|cpt=|aep_usuc_f=site=glo&c_tp=BGN&x_alimid=3277483466&ups_d=1|1|1|1&re_sns=google&isb=y&ups_u_t=1655237276526&region=BG&b_locale=en_US&ae_u_p_s=2
ali_apache_track
mt=1|ms=|mid=bg1690792886intae
content-security-policy
upgrade-insecure-requests
content-language
en-US
content-encoding
gzip
server
Tengine/Aserver
eagleeye-traceid
0b0a556616458148569574350e2563
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
6772
date
Fri, 25 Feb 2022 19:05:59 GMT

Redirect headers

content-type
text/html
content-length
258
location
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
access-control-allow-origin
https://hz.aliexpress.com
server
Tengine/Aserver
eagleeye-traceid
2100bde116458159590571168e77a7
strict-transport-security
max-age=31536000
timing-allow-origin
*
date
Fri, 25 Feb 2022 19:05:59 GMT
link
<https://assets.alicdn.com>;rel="preconnect",<https://ae01.alicdn.com>;rel="preconnect"
server-timing
edge; dur=3 origin; dur=11 cdn-cache; desc=MISS
x-akamai-fwd-auth-sha
91BE3263F78AB766C3CC737B255493B37BD3F4782A3268BE186FE0CE07AEAF6F
x-akamai-fwd-auth-data
1781394201, 2.16.187.13, 1645815959, 82.199.130.41
x-akamai-fwd-auth-sign
SfyB+KZPKNS4SKV5j4/aMda0npvLowflgZLAlEiboRbtB50q/N0szfz3q/Tf1uryU2li0VDlhq2R8t8IXa9QNwxV/0nQVB5L1B1iW1YNphQ=
1
mc.yandex.com/watch/23414332/
Redirect Chain
  • https://mc.yandex.com/watch/23414332?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A1969%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A1969%3Afu%3A0%3Aen%3Autf-...
338 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A1969%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616343038617%3Ahid%3A437930172%3Az%3A0%3Ai%3A20220225190559%3Aet%3A1645815960%3Ac%3A1%3Arn%3A844682669%3Arqn%3A1%3Au%3A1645815960640694045%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645815955359%3Ads%3A0%2C0%2C485%2C1%2C1104%2C0%2C%2C1020%2C3%2C%2C%2C%2C2630%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1645815960%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
efccc83a6ec67c6407f4b2d9664b3033562cc7294b371cd89b5b6541080e4236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 25-Feb-2022 19:05:58 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.buhoblik.org.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Fri, 25-Feb-2022 19:05:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:58 GMT
last-modified
Fri, 25-Feb-2022 19:05:58 GMT
location
/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A1969%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1616343038617%3Ahid%3A437930172%3Az%3A0%3Ai%3A20220225190559%3Aet%3A1645815960%3Ac%3A1%3Arn%3A844682669%3Arqn%3A1%3Au%3A1645815960640694045%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1645815955359%3Ads%3A0%2C0%2C485%2C1%2C1104%2C0%2C%2C1020%2C3%2C%2C%2C%2C2630%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1645815960%3At%3A%D0%91%D1%83%D1%85%D1%83%D1%87%D0%B5%D1%82%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%3A%20%D0%91%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D1%83%D1%87%D0%B5%D1%82&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.buhoblik.org.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 25-Feb-2022 19:05:58 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0B60
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=4768bb1e1879df0e855a46f5d...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YhkolIiGO.verl.gglINwQAA%26668
49 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YhkolIiGO.verl.gglINwQAA%26668
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YhkolIiGO.verl.gglINwQAA%26668
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
309
Expires
Fri, 25 Feb 2022 19:05:58 GMT
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=dab6be62-b1e7-4d05-a12c-0a70b3291504
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 25 Feb 2022 19:05:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
img
ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/ Frame 0B60
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=11f0bff24ae5c1f1d63cc47b8e15139d3ef582d6c25c6531076c07b2fe9a07df&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd...
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=42&gdpr=0&tpuid=7765723041879162743
49 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=42&gdpr=0&tpuid=7765723041879162743
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:58 GMT
server
nginx
location
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=42&gdpr=0&tpuid=7765723041879162743
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
support.html
w.uptolike.com/widgets/v1/zp/ Frame D201 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/zp/support.html
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

Server
nginx
Date
Fri, 25 Feb 2022 19:05:58 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Fri, 25 Feb 2022 19:35:58 GMT
Content-Encoding
gzip
share.php
vk.com/ Frame 3BE8 		21 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&format=json&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&callback=callback__utl_cb_share_164581596061357
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.110253
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
content-encoding
gzip
x-frontend
front226205
server
kittenx
x-powered-by
KPHP/7.4.110253
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
share.php
vk.com/ Frame 3BE8 		21 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&format=json&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1645815960614572
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.110253
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
content-encoding
gzip
x-frontend
front226205
server
kittenx
x-powered-by
KPHP/7.4.110253
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
count.json
api.pinterest.com/v1/urls/ Frame 3BE8 		89 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F&callback=callback__utl_cb_share_1645815960614125
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
54d45bafead32e120467c516a40cad41128ad63b258bac104bebdad2eeade16c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ce247e68.1645815958.1959e3c6
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-pinterest-rid
1379324103061780
content-length
89
expires
Fri, 25 Feb 2022 19:20:58 GMT
count.json
api.pinterest.com/v1/urls/ Frame 3BE8 		99 B
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1645815960614230
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e48afda541635daaa863c2409860c358bfe2b7e5c54423d42dd32ebbbc851007
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ce247e68.1645815958.1959e3d4
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-pinterest-rid
1408938413105376
content-length
99
expires
Fri, 25 Feb 2022 19:20:58 GMT
share_count
connect.mail.ru/ Frame 3BE8 		86 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.mail.ru/share_count?func=mrc__shareInit926&url_list=https%3A%2F%2Fwww.buhoblik.org.ua%2F&callback=callback__utl_cb_share_1645815960615844
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.100.180.54 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
066e76a48db7e999de6582661a437987bd8371bbed98db566966ea7008b0b2a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:58 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options
DENY
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
86
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
share_count
connect.mail.ru/ Frame 3BE8 		96 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.mail.ru/share_count?func=mrc__shareInit222&url_list=https%3A%2F%2Fwww.buhoblik.org.ua%2F%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1645815960615535
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.100.180.54 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
202e913beddc16fe6e985984da2d8f17ecd17b3da0fef608d2f0299734466cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://w.uptolike.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:58 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options
DENY
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Content-Length
96
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0B60
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=61dc3367-e9ed-4c7a-8a9b-3493bdffd6da&gdpr=0
49 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=61dc3367-e9ed-4c7a-8a9b-3493bdffd6da&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:58 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=61dc3367-e9ed-4c7a-8a9b-3493bdffd6da&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1500098
content-length
0
expires
Fri, 25 Feb 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0B60
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=d4c26fd599b3ec6eb799bed7...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
49 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:58 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 25 Feb 2022 19:05:58 GMT
Server
MT3 4172 645ee8c master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=0a326219-2895-4400-a64b-e3198aebe87a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Feb 2022 19:05:57 GMT
img
ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/ Frame 0B60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=dde1196e49706afe57c7c19be8a9db16fd904d685f8e387c64873f8aa6333b17&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a...
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?uid=dde1196e49706afe57c7c19be8a9db16fd904d685f8e387c64873f8aa6333b17&tpid=38&gdpr=0&tpuid=CAESEOi0VdWb1B9_Hmb3sURBHsk...
49 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?uid=dde1196e49706afe57c7c19be8a9db16fd904d685f8e387c64873f8aa6333b17&tpid=38&gdpr=0&tpuid=CAESEOi0VdWb1B9_Hmb3sURBHsk&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?uid=dde1196e49706afe57c7c19be8a9db16fd904d685f8e387c64873f8aa6333b17&tpid=38&gdpr=0&tpuid=CAESEOi0VdWb1B9_Hmb3sURBHsk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/ Frame 0B60
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643a59085bd43af163c59%2F1645815957868%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=75&tpuid=1177295049587875137&gdpr=0
49 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=75&tpuid=1177295049587875137&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 19:05:59 GMT
X-Proxy-Origin
82.199.130.41; 82.199.130.41; 878.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
18226e30-4d0a-4a78-89d2-282ad6b3bb3e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/img?tpid=75&tpuid=1177295049587875137&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
all
csm.eu.criteo.net/ Frame F4AE 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=DMPUecNjIKp-27jdVJHZXF-Xngkr7f5mTBpqjTf-083RKmQw5g49H3FNPRWGlp_lQqAONI8kIU3jAixUwDElLKzXUGWhHqGdjGzyWQqaY2h3rb19VFH-WNSvfy084gHMr0jflWpYDzBN3whqlG-HyD2xmdDZ8EJpSHkg54tCiDeqkgQCbLK895NiZQAFBGTqahMed7CEhmpVafWc73FstIiIs_PBmc7BisaJNo-rrOUzgaG-msaFTzJw1STJQTOOkBf57g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkolAABcIgIu8o8AALsuEHmYqS0zLKoIjqMJQ&u=%7C9DNl%2FNZD8EzgKpNt%2FEkMa86sTrmg%2BHDwP0UScpM4RpI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUv0otyj6EC6jJZaDwW6Tu9SFS3WWEvTKxunIYlLJFtWD51zkiyHbjJwfwBN2-jKKLd2_evI08hUbtBu-iNWzNDS2u775Y-F2nod4iC_KLF2CJkP7DqteMOYTDsehzT1oaAln7ohlpSP9evfNHMN9-7LNYCLT2obJUzl0fbtnkWqMVmq_e4WzwaSk0z8HSDf3-nsSHWI3_5aDfru17a91Q-OwmIOf1uvbP9Nidd8C2RSc0dk-wmKzhloX6RaZTYCQ1G8xNNH7zU9Insyo8OJdWp2vcRmYC_Ts-8QGY1NRNVdSvQDIRHxO5LRfco0vYOKJ7MF3sBB_9Z5YOJ5KzVYCkyJtc4pmvT1NcIp-1j93Cqdft0JMvmO9V4PBHYICT8m5ctfWJ4FYP89KWhR3T3g7yUI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgj4vlCgZYojhBbyU7_UPuNmLsAvJntKxXMWMi-CaAcCNtwEQASAAYJUCggEXY2EtcHViLTU2MzA5NTY3NjYyMTY0NjWgAdW20uoDyAEJqQLU2S1G4N2yPqgDAaoE5QFP0GP0rn_Lr55TzpYk1X5WHCiqBumWAYnecN0siCsK3dUlO9BxY9S5FOToeQQqkPW4CA6YbXwZLT57GW0I3dLdIxQ6C8snrwzgnhoaZSMlG3QSUeLlFNNRONc6Z9GWh8yf4wAx43fwvRbexxqJkTqDl_ftJa3_SAl6ooLuHkcTyUlFmLitZv4k5U-5f4FGp0bJGf9B4089uLR5Wy85dzGOLL0iMACk-c3rIrOjrKRolVU1EBI297s-hyafXmoQQKeJ9reio6RhZiZEPzstuKptY6PjVwW36omb7bd1YkKq_5Tqat-tgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0oTWDxHC_ItCcs0ZDNjxFApZMGng%26client%3Dca-pub-5630956766216465%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:05:58 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
js
ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/ Frame 0B60
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9abbb865bd2d58a1c4ef167d2f1e471207d8e0b172dd4bae98991f969d2a9ba3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=9abbb865bd2d58a1c4ef167d2f1e471207d8e0b172dd4bae98991f969d2a9ba3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F54a7e0f069f643...
  • https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/js?tpid=48&tpuid=eeca0c4d67a4d454e0f30b434e540a60
44 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/js?tpid=48&tpuid=eeca0c4d67a4d454e0f30b434e540a60
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8cd650efeae1f95b7655b227ec7cdf9379cc46c40189aaa08163d2ced84dc5cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/54a7e0f069f643a59085bd43af163c59/1645815957868/0/js?tpid=48&tpuid=eeca0c4d67a4d454e0f30b434e540a60
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
index.js
assets.alicdn.com/g/ae-fe/global/0.0.3/ Frame 7BC9 		154 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/global/0.0.3/index.js
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1e589330bfeb3738300c3c79d0bd373cd6f17cd8904927c7b99a06de2d1e647e

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
content-encoding
br
x-oss-request-id
62019D9EA021C5353183C036
content-md5
prkhmRt0YCJQUoclmKII8Q==
x-swift-cachetime
44
x-oss-hash-crc64ecma
16903611061583817401
x-swift-savetime
Mon, 07 Feb 2022 23:30:10 GMT
content-length
43798
x-oss-object-type
Normal
last-modified
Fri, 25 Feb 2022 10:44:55 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1644273054
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1049115, s-maxage=3600
served-from
96.17.149.77
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_201011
eagleid
0830559c16442766104368577e
x-oss-server-time
8
expires
Wed, 09 Mar 2022 22:31:14 GMT
index.css
assets.alicdn.com/g/ae-fe/home-msite/0.0.75/ Frame 7BC9 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.css
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
dfb51a77a70ed38db9330f3c37cbb927f065a9a19b2ccd0edccc98dc6fd734ae

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
content-encoding
br
x-oss-request-id
6214F5F4DE9FFC32370AFB4E
content-md5
jE8dtvb5QedsOcOhiHdsHA==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
4023521864408267460
x-swift-savetime
Tue, 22 Feb 2022 14:40:52 GMT
content-length
8419
x-oss-object-type
Normal
last-modified
Tue, 22 Feb 2022 14:40:53 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645540852
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2316936, s-maxage=86400
served-from
23.76.156.108
x-oss-storage-class
Standard
timing-allow-origin
*
network_info
US_SANJOSE_35994, GB_LONDON_201011
eagleid
a3b5109e16455408522298472e
x-oss-server-time
34
expires
Thu, 24 Mar 2022 14:41:35 GMT
index.js
assets.alicdn.com/g/ae-fe/home-msite/0.0.75/ Frame 7BC9 		213 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.js
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7bb3346371cffae91e494ffea471d08ebeaeac780114953e17419eb9bf93ff95

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
content-encoding
br
x-oss-request-id
6213681361234138394D2955
content-md5
Ldauj0XbqnMWuHASADR+Dg==
x-swift-cachetime
15258
x-oss-hash-crc64ecma
6052376766372896209
x-swift-savetime
Tue, 22 Feb 2022 06:08:57 GMT
content-length
53220
x-oss-object-type
Normal
last-modified
Tue, 22 Feb 2022 06:09:19 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645438995
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2214933, s-maxage=86400
served-from
104.98.3.60
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_CHICAGO_35994, GB_LONDON_201011
eagleid
2ff62a9616455101369732843e
x-oss-server-time
25
expires
Wed, 23 Mar 2022 10:21:32 GMT
index.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.css
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0f84bd73c88c389d112f8ed3e53a66e76486943f3642de33d6df1c853f735a60

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
content-encoding
br
x-oss-request-id
6216FB838B66A33638CA9366
content-md5
/vUwpIqh/7EwELYOWRtfNQ==
x-swift-cachetime
86371
x-oss-hash-crc64ecma
10559745788541521590
x-swift-savetime
Thu, 24 Feb 2022 03:29:36 GMT
content-length
1573
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 03:29:36 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645673347
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2449476, s-maxage=86400
served-from
23.58.92.165
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_201011
eagleid
2ff6179d16456733761532299e
x-oss-server-time
78
expires
Sat, 26 Mar 2022 03:30:35 GMT
index.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
51016ca52f4b5ea24337df4e3555e8982a386b8cbf81d3064a5022d856688a62

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
content-encoding
br
x-oss-request-id
6216F31791A6D33538675A38
content-md5
n9xDFwTpru3KjxbDG5ETsw==
x-swift-cachetime
86351
x-oss-hash-crc64ecma
16072047797213094646
x-swift-savetime
Thu, 24 Feb 2022 02:54:00 GMT
content-length
18313
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:01 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671191
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2447173, s-maxage=86400
served-from
23.216.148.151
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_201011
eagleid
2ff6179916456712405426055e
x-oss-server-time
7
expires
Sat, 26 Mar 2022 02:52:12 GMT
fetch
m.aliexpress.com/api/home/ Frame 7BC9 		18 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.aliexpress.com/api/home/fetch?moduleId=glo_msite_home&sceneId=MSiteHome&new_locale=true&tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Requested by
Host: m.aliexpress.com
URL: https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
2f5b2833db1493d3cf56c173ea1bbebb6e07b2871466493c41e9c683f0485188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-type
application/json;charset=UTF-8
x-akamai-fwd-auth-sha
62B6E3C626BD4FF991E5A45234B1F1CC97B0606EDA5B58C140028AA4DFE0D35A
server
Tengine/Aserver
date
Fri, 25 Feb 2022 19:05:59 GMT
p3p
CP="CAO PSA OUR"
x-akamai-fwd-auth-data
2136347926, 2.16.187.13, 1645815959, 82.199.130.41
x-robots-tag
noindex
x-akamai-fwd-auth-sign
Uz1+FymiJ2uMZ0TPXlPyg2KizZt8x321BuWttlhU0oImFahfE6br5RlNQsMCIu1Qrh4TMHRNB1lru6i/5q8PKocDHQT0pBtQEDI/S7xY1Rc=
timing-allow-origin
*
content-length
18
eagleeye-traceid
2100bb4a16458159593793503eb103
x-application-context
ae-msite:prod,de:7001
SPug
simage4.pubmatic.com/AdServer/ Frame FCED 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
assets.alicdn.com/g/ae-fe/static-ui/open-sans/ Frame 7BC9 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.css
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
x-oss-request-id
61FD682C82DB30363372046E
content-md5
jj+XinfRkann+U/55wkAhQ==
x-swift-cachetime
3600
x-source-scheme
https
x-swift-savetime
Fri, 04 Feb 2022 17:53:48 GMT
content-length
8892
x-oss-object-type
Normal
x-oss-hash-crc64ecma
838915909867765876
server
Tengine
ali-swift-global-savetime
1643997228
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=773264, s-maxage=3600
served-from
2.16.187.13
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
GB_LONDON_201011
eagleid
2ff62b1a16439987284425248e
x-oss-server-time
6
ptrack
a.audrte.com/ Frame 2BEA 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.41&p=M1353665098&artime=2022-02-25T19:06:01.716Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3275b47087afcb3c7628878e40c61e9ee9c1b90f8a265bf2a9aa9d5f0d233762

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:05:59 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
sium
ih.adscale.de/ Frame 0B60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.33.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-33-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Fri, 25 Feb 2022 19:05:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
match
ps.eyeota.net/ Frame 2BEA
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7765723041879162743
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEJuNRgEU76Tx39Nn1IAbhzo&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
ps.eyeota.net/pixel/bounce/ Frame 2BEA
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Content-Type
application/javascript
Content-Length
1218
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=kh51m51&t=ajs&uid=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
Date
Fri, 25 Feb 2022 19:06:00 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 2BEA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=fc834q4OKQkRWquMN0t9WrmXQ&gdpr=0&gdpr_consent=&google_gid=CAESEJuNRgEU76Tx39Nn1IAbhzo&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
H2111329c7f0e475aac3930a727edf058z.png
ae01.alicdn.com/kf/ Frame 7BC9 		0
0
7.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		495 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/7.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
9dfa629f6e589820f635505baf15af345cb6b3d6fb89126f5bf75cba3046630e

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-encoding
br
x-oss-request-id
6216F36B82509230344597D7
content-md5
05nLxTjQjulP5lv0ieNBhQ==
x-swift-cachetime
86400
x-source-scheme
https
x-oss-hash-crc64ecma
7776564705461933740
x-swift-savetime
Thu, 24 Feb 2022 02:54:35 GMT
content-length
262
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 03:20:01 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671275
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2447285, s-maxage=86400
served-from
189.247.166.85
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
US_CHICAGO_35994, GB_LONDON_201011
eagleid
2ff6149816456712753511320e
x-oss-server-time
35
expires
Sat, 26 Mar 2022 02:54:05 GMT
mtop.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/mtop.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
971fdcab3ba510789903db0ad9ef8e1cfa1c549774ae463b6098c9c5ef8b0132

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-encoding
br
x-oss-request-id
6216F31842284534328BEC8B
content-md5
d+CMDhQsyg7na1P1QAmn/w==
x-swift-cachetime
86400
x-oss-hash-crc64ecma
1445891712086061596
x-swift-savetime
Thu, 24 Feb 2022 02:53:12 GMT
content-length
7700
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:53:55 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671192
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2447219, s-maxage=86400
served-from
23.216.148.143
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SANJOSE_35994, GB_LONDON_201011
eagleid
4f85b09516456712347853826e
x-oss-server-time
6
expires
Sat, 26 Mar 2022 02:52:59 GMT
truncated
/ Frame 7BC9 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/webp
promote.htm
mbest.aliexpress.com/m/ Frame 7BC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mbest.aliexpress.com/m/promote.htm?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db

Response headers

content-type
text/html;charset=UTF-8
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-application-context
ae-traffic-affiliateweb-f:prod,ru:7001
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
content-language
en-US
content-encoding
gzip
server
Tengine/Aserver
eagleeye-traceid
0b8b036316458155254753419e612a
timing-allow-origin
*
content-length
5634
date
Fri, 25 Feb 2022 19:06:00 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
assets.alicdn.com/g/ae-fe/static-ui/open-sans/ Frame 7BC9 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/home-msite/0.0.75/index.css
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
x-oss-request-id
61FD682C82DB30363372046E
content-md5
jj+XinfRkann+U/55wkAhQ==
x-swift-cachetime
3600
x-source-scheme
https
x-swift-savetime
Fri, 04 Feb 2022 17:53:48 GMT
content-length
8892
x-oss-object-type
Normal
x-oss-hash-crc64ecma
838915909867765876
server
Tengine
ali-swift-global-savetime
1643997228
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=773263, s-maxage=3600
served-from
2.16.187.13
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
network_info
GB_LONDON_201011
eagleid
2ff62b1a16439987284425248e
x-oss-server-time
6
loader.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/loader.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3f13c18a72dbb2df0bec3bab6ed0bf00ae54cd5ab23f21a412cda735ee4e1fda

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-encoding
br
x-oss-request-id
6216F318794E7E3835963A56
content-md5
d4WepMlnnFin2BMOxralJQ==
x-swift-cachetime
86332
x-oss-hash-crc64ecma
16413354651580683994
x-swift-savetime
Thu, 24 Feb 2022 02:54:20 GMT
content-length
3031
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:20 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671192
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2447423, s-maxage=86400
served-from
23.216.148.143
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, GB_LONDON_201011
eagleid
2ff6179e16456712603922413e
x-oss-server-time
5
expires
Sat, 26 Mar 2022 02:56:23 GMT
/
acs.aliexpress.com/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/ Frame 7BC9 		0
0
/
assets.alicdn.com/g/alilog/ Frame 7BC9 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
f1a47e61dfbe2a0ba893af1d972ab9dafc04d96f5e816f7516f4c5414bd8b849

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-encoding
gzip
x-oss-request-id
62191D151A2C2831326ED75A
content-md5
gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime
1800
x-swift-savetime
Fri, 25 Feb 2022 18:16:53 GMT
content-length
9985
x-oss-object-type
Normal
x-oss-hash-crc64ecma
15290110112012039273
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1645813013
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=686, s-maxage=1800
served-from
2.16.187.13
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
GB_LONDON_201011
eagleid
2ff62b1a16458143280555075e
x-oss-server-time
6
gep-sdk~pop-layer.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		45 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gep-sdk~pop-layer.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e2d9112492a92b8c963f9ded23ac179a118b82c32fe8d6d28c218abc5a076173

Request headers

Referer
https://m.aliexpress.com/?tracelog=wwwhome2mobilesitehome&aff_fcid=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&tt=CPS_NORMAL&aff_fsk=_9i9ptp&aff_platform=portals-promotion&sk=_9i9ptp&aff_trace_key=6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp&terminal_id=b0679dcfebc54cf6ac1ea43322afa8db
Origin
https://m.aliexpress.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-encoding
br
x-oss-request-id
6216F31922BE81353918BDEB
content-md5
uPAgX7Crj6Pxq5JuU1BAeQ==
x-swift-cachetime
86351
x-oss-hash-crc64ecma
10055567954015575217
x-swift-savetime
Thu, 24 Feb 2022 02:54:02 GMT
content-length
5856
x-oss-object-type
Normal
last-modified
Thu, 24 Feb 2022 02:54:03 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1645671193
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2447348, s-maxage=86400
served-from
23.216.148.151
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SEATTLE_35994, GB_LONDON_201011
eagleid
800e749d16456712427333713e
x-oss-server-time
9
expires
Sat, 26 Mar 2022 02:55:08 GMT
gep-sdk.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
gallery-9g91h~list-88mY4~pop-layer~scene-login~slider-kTGCl~waterfall-VLHdM.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
4.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
4.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
scene-login.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
scene-login.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
gdpr.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
gdpr.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
analytics.js
www.google-analytics.com/ Frame 7BC9 		0
0
gtm.js
www.googletagmanager.com/ Frame 7BC9 		0
0
tags
us.creativecdn.com/ Frame 1A90 		0
0
pop-layer.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
gallery-9g91h~list-88mY4~slider-kTGCl~smart-banner~waterfall-VLHdM.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
smart-banner.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
smart-banner.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/ Frame 7BC9 		0
0
/
assets.alicdn.com/g/alilog/ Frame 7BC9 		0
0
/
assets.alicdn.com/g/alilog/ Frame 7BC9 		0
0
/
sonar.semantiqo.com/i/ Frame 72FC 		166 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sonar.semantiqo.com/i/
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.86.217.95.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
eb67f0a083db90b7da9b98a8a8a78ac8ab2c5c7f813126927f7282a16a8abc0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/

Response headers

server
nginx/1.20.2
date
Fri, 25 Feb 2022 19:06:00 GMT
content-type
text/html
last-modified
Tue, 04 Jan 2022 20:05:26 GMT
etag
W/"61d4a886-a6"
content-encoding
gzip
mode
no-cors
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control
no-cache
PugMaster
image6.pubmatic.com/AdServer/ Frame 7C6C 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96835857&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame FD78 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31907065&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
02caf705996ed3af1e8c494d61d835c04dc590588b0bc1bd7982604201e8dcbc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:05:59 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
analytics.js
www.google-analytics.com/ Frame 7111 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tttttt.me
URL: https://tttttt.me/buhoblik_org_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tttttt.me/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5467
date
Fri, 25 Feb 2022 17:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 25 Feb 2022 19:34:53 GMT
truncated
/ Frame 7111 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type
image/svg+xml
Arrow_1x.png
tlgr.org/img/tgme/ Frame 7111 		988 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlgr.org/img/tgme/Arrow_1x.png
Requested by
Host: tlgr.org
URL: https://tlgr.org/css/telegram.css?215
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tlgr.org/css/telegram.css?215
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Tue, 01 Mar 2022 19:06:00 GMT
Mobile1x.png
tlgr.org/img/tgme/ Frame 7111 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlgr.org/img/tgme/Mobile1x.png?1
Requested by
Host: tlgr.org
URL: https://tlgr.org/css/telegram.css?215
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
8980be134f83d21785afcf8f206c753e7dbdb6359cc236e336609eb28f0115e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tlgr.org/css/telegram.css?215
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Tue, 01 Mar 2022 19:06:00 GMT
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2CD7
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f71d827d-d02d-4b6c-b555-a3c20d0ec89c-tuct912ae18&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f71d827d-d02d-4b6c-b555-a3c20d0ec89c-tuct912ae18&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 25 Feb 2022 19:06:01 GMT
via
1.1 varnish
x-served-by
cache-hhn4050-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1645815962.649497,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f71d827d-d02d-4b6c-b555-a3c20d0ec89c-tuct912ae18&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 25 Feb 2022 19:06:00 GMT
via
1.1 varnish
x-served-by
cache-icn1450064-ICN
x-cache
MISS
x-cache-hits
0
x-timer
S1645815960.471779,VS0,VE38
x-vcl-time-ms
38
content-length
0
141
match.deepintent.com/usersync/ Frame 6455 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 25 Feb 2022 19:06:00 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 9C40
Redirect Chain
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a62e0b1d-bc55-44c1-9b8e-c61d9ed7700a
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a62e0b1d-bc55-44c1-9b8e-c61d9ed7700a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:06:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug003:0:479
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Fri, 25 Feb 2022 19:06:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=a62e0b1d-bc55-44c1-9b8e-c61d9ed7700a
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0AC6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:9SFmwGc41NnFUI5&gdpr=0&gdpr_consent=
42 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:9SFmwGc41NnFUI5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:06:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug017:0:639
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 25 Feb 2022 19:05:59 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:9SFmwGc41NnFUI5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame B955 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 25 Feb 2022 19:06:00 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 2324
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE82394518B545469440C07B7DC93915
1 B
146 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE82394518B545469440C07B7DC93915
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:06:00 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug015:0:457
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 25 Feb 2022 19:06:00 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AE82394518B545469440C07B7DC93915
expires
Thu, 24 Feb 2022 19:06:00 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
um
u-ams02.e-planning.net/ Frame CB85 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=aca622f3d168ad40&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Fri, 25 Feb 2022 19:06:00 GMT
content-type
image/gif
Artemis
aud.pubmatic.com/AdServer/ Frame FD78
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&addseg=11,34,40
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&addseg=11,34,40
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

date
Fri, 25 Feb 2022 19:06:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=195ECDD6-E5E1-467D-A566-3B8FDE51B157&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame FD78
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=195ECDD6-E5E1-467D-A566-3B8FDE51B157&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=195ECDD6-E5E1-467D-A566-3B8FDE51B157&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=195ECDD6-E5E1-467D-A566-3B8FDE51B157&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
77.243.60.138 Viby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:58 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:05:57 GMT
frontend-id
11
location
/pubmatic/1/info2?sType=sync&sExtCookieId=195ECDD6-E5E1-467D-A566-3B8FDE51B157&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame FD78 		95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6e33355859a788bc-LHR
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame FD78
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=195ECDD6-E5E1-467D-A566-3B8FDE51B157
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame FD78 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.153.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-153-210.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:06:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame FD78
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f8b2517f-966d-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
1 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f8b2517f-966d-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:01 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:1273
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f8b2517f-966d-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
Date
Fri, 25 Feb 2022 19:06:00 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
f8b25180-966d-11ec-a977-0544ef27bb02
resolve
/ Frame 7111 		0
0
b.js
sonar.semantiqo.com/i/ Frame 72FC 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sonar.semantiqo.com/i/b.js
Requested by
Host: sonar.semantiqo.com
URL: https://sonar.semantiqo.com/i/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.86.217.95.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
a5999cec348d9c44155de3607778eab37958803f0e379211a327cb5b5f69b2db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://sonar.semantiqo.com/i/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
mode
no-cors
last-modified
Tue, 04 Jan 2022 20:05:26 GMT
server
nginx/1.20.2
etag
"61d4a886-1bba"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
7098
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/ Frame 93FD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
45d97acdd00d9a3d34aa565be8341f8e38a3cdd0d89d37df9fa4d64f1a9e21fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-type
text/html;charset=utf-8
content-length
1388
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.30.11
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
sls_new.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 		486 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
5a7e535789afbf2902aa1d65d2c670dd9b33440a09a1f842cd96d34af1db3bd9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:06:01 GMT
mode
no-cors
server
nginx/1.20.1
content-type
application/javascript
ces.php
cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/ces.php?spid=829dd9eeabb44081afc89ede6a6968ab
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:06:00 GMT
mode
no-cors
referrer-policy
no-referrer
server
nginx/1.20.1
content-type
application/javascript
analize.js
umagnet.ru/c82up/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://umagnet.ru/c82up/analize.js
Requested by
Host: umagnet.ru
URL: https://umagnet.ru/cli/cdn/HLR3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Feb 2022 19:06:00 GMT
content-encoding
gzip
server
nginx/1.20.1
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
data_sess_sync.php
sonar.semantiqo.com/fbfli/
Redirect Chain
  • https://counter.yadro.ru/id127/reff-id.gif?sid=829dd9eeabb44081afc89ede6a6968ab
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=829dd9eeabb44081afc89ede6a6968ab
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=829dd9eeabb44081afc89ede6a6968ab
Requested by
Host: www.buhoblik.org.ua
URL: https://www.buhoblik.org.ua/
Protocol
H2
Server
95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.86.217.95.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:01 GMT
content-encoding
gzip
server
nginx/1.20.2
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=829dd9eeabb44081afc89ede6a6968ab
Date
Fri, 25 Feb 2022 19:06:15 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
364
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 93FD 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:06:00 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
5907
tags.bluekai.com/site/ Frame 93FD 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=d0b2c2b5f9753643d684097a2586637e
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 19:06:00 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
ibs:dpid=121998&dpuuid=7531a24999b680d598936a31e2a3ff15&gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=1
dpm.demdex.net/ Frame 93FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=7531a24999b680d598936a31e2a3ff15&gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.200.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-200-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers
tpid=cbece377-c25c-4789-a956-26f96151f013
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 93FD
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=7531a24999b680d598936a31e2a3ff15&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=cbece377-c25c-4789-a956-26f96151f013
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=cbece377-c25c-4789-a956-26f96151f013
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:06:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.73
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=cbece377-c25c-4789-a956-26f96151f013
date
Fri, 25 Feb 2022 19:06:00 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
gdpr=1
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2884923494709783854/ Frame 93FD
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/7531a24999b680d598936a31e2a3ff15/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2884923494709783854/gdpr=1
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2884923494709783854/gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:06:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.142
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2884923494709783854/gdpr=1
pragma
no-cache
date
Fri, 25 Feb 2022 19:06:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
gdpr=1&_test=YhkomgAI3XEQJAAy
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhkomgAI3XEQJAAy/ Frame 93FD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D1
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D1&_test=YhkomgAI3XEQJAAy
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhkomgAI3XEQJAAy/gdpr=1&_test=YhkomgAI3XEQJAAy
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhkomgAI3XEQJAAy/gdpr=1&_test=YhkomgAI3XEQJAAy
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=840865962/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.adtelligent.com/rt=ifr
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:06:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.142
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 19:06:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1645815963.599338,VS0,VE0
x-served-by
cache-hhn4043-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YhkomgAI3XEQJAAy/gdpr=1&_test=YhkomgAI3XEQJAAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
watch.js
intercollectcontact.ru/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intercollectcontact.ru/watch.js
Requested by
Host: cdn3.caltat.com
URL: https://cdn3.caltat.com/9b6874aa-d549-414d-a589-12a15f71b2b6/sls_new.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.95.131.196 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
4a8a58134ab0ffbb7251e7015612cdc8633a8c663ef5e2bb94328c3ba53dd390

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.buhoblik.org.ua/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:01 GMT
last-modified
Fri, 02 Jul 2021 08:09:09 GMT
server
nginx
etag
"60dec9a5-ab6"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2742
pixel
intercollectcontact.ru/pxa/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intercollectcontact.ru/pxa/pixel
Requested by
Host: intercollectcontact.ru
URL: https://intercollectcontact.ru/watch.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.95.131.196 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buhoblik.org.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 19:06:01 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin,Content-Type,Accept
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
pixel
intercollectcontact.ru/pxa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://intercollectcontact.ru/pxa/pixel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.95.131.196 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.buhoblik.org.ua
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 25 Feb 2022 19:06:01 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept
content-length
0
content-type
text/plain
SPug
simage4.pubmatic.com/AdServer/ Frame FD78 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Daca622f3d168ad40%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Fri, 25 Feb 2022 19:06:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?redir=https://fo-ssp.omnitagjs.com/fo-ssp/sync?gdpr=0&gdpr_consent_string={gdpr_consent)
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=1177295049587875137
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dal1VIFarWhMb20JIVmp&pi=admatic
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=b8c55fcbcbf94b47950c293cf7ca6cc2
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/H2111329c7f0e475aac3930a727edf058z.png
Domain
acs.aliexpress.com
URL
https://acs.aliexpress.com/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/?jsv=2.5.1&appKey=12574478&t=1645815962130&sign=cd12723d5d8167123ac07fa76924f1d6&api=mtop.relationrecommend.AliexpressRecommend.recommend&v=1.0&ecode=1&type=jsonp&dataType=jsonp&callback=mtopjsonp1&data=%7B%22appId%22%3A%2221144%22%2C%22params%22%3A%22%7B%5C%22locale%5C%22%3A%5C%22en_US%5C%22%2C%5C%22requiredModules%5C%22%3A%5C%22shading%5C%22%2C%5C%22osf%5C%22%3A%5C%22msite-header-home%5C%22%2C%5C%22language%5C%22%3A%5C%22en%5C%22%2C%5C%22site%5C%22%3A%5C%22glo%5C%22%2C%5C%22shipToCountry%5C%22%3A%5C%22UK%5C%22%2C%5C%22shipToCity%5C%22%3A%5C%22%5C%22%2C%5C%22clientType%5C%22%3A%5C%22msite%5C%22%2C%5C%22cookieId%5C%22%3A%5C%22empty%5C%22%2C%5C%22statusOfUsingPrivacy%5C%22%3A%5C%22%5C%22%7D%22%7D
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gep-sdk.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gallery-9g91h~list-88mY4~pop-layer~scene-login~slider-kTGCl~waterfall-VLHdM.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/4.css
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/4.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/scene-login.css
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/scene-login.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gdpr.css
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gdpr.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-5VJNN2G
Domain
us.creativecdn.com
URL
https://us.creativecdn.com/tags?type=iframe&id=pr_Ss52YF3IAd5cEVfrVcQ0_home&id=pr_Ss52YF3IAd5cEVfrVcQ0_uid_unknown&id=pr_Ss52YF3IAd5cEVfrVcQ0_lid_3z2q75VgpQrFRszozhDV&su=https%3A%2F%2Fm.aliexpress.com%2F%3Ftracelog%3Dwwwhome2mobilesitehome%26aff_fcid%3D6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp%26tt%3DCPS_NORMAL%26aff_fsk%3D_9i9ptp%26aff_platform%3Dportals-promotion%26sk%3D_9i9ptp%26aff_trace_key%3D6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp%26terminal_id%3Db0679dcfebc54cf6ac1ea43322afa8db&sr=https%3A%2F%2Fwww.buhoblik.org.ua%2F&ts=1645815962156
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/pop-layer.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/gallery-9g91h~list-88mY4~slider-kTGCl~smart-banner~waterfall-VLHdM.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/smart-banner.css
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/ae-fe/cosmos/0.0.56/msite/smart-banner.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/alilog/??s/8.15.20/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.20/plugin/aplus_ae.js,s/8.15.20/plugin/aplus_ac.js,s/8.15.20/aplus_int.js,s/8.15.20/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220215204924
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/alilog/??s/8.15.20/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.20/plugin/aplus_ae.js,s/8.15.20/plugin/aplus_ac.js,s/8.15.20/aplus_int.js,s/8.15.20/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220215204924
Domain
resolve
URL
tg:resolve?domain=buhoblik_org_ua

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| structuredClone function| JCaption undefined| $ function| jQuery object| jQuery112408294878182870467 object| _gaq object| adsbygoogle object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| _gat object| gaGlobal object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_max_ad_content_rating object| globalAmlAds object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad boolean| __utlWdgt function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| hb_dmx_res object| __utl object| punycode object| ___utl_cnf_version_cb_w.uptolike.com boolean| ___utl_cnf_version_req_w.uptolike.com string| ___utl_cnf_version_w.uptolike.com object| cb__utl_cb_share_1645815958284339 boolean| __utl_initialized_w.uptolike.com number| __utl_sequence_generator object| __uptolike_widgets_settings___utl-buttons-1 string| __utl_vp_id boolean| __utl_retransmitted boolean| __utl_global_click_registered boolean| __utl_global_key_registered object| __utl_shared object| __utl_imp_instance object| M object| __utl_listeners_window-click object| __utl_listeners_window-keyup boolean| __utl_selection_tracker_installed function| html2canvas function| _open boolean| __utl_imp_flag_1435493 boolean| utl_ext_req_w.uptolike.com boolean| __utl_zp_clk_inst boolean| __utl__ext__counters boolean| utl_wmdetect object| Ya object| yaCounter23414332 string| ref_url undefined| iframe object| bada function| _0x28d9 object| a0_0x2ae5 function| a0_0x5b7b function| __TPJSL_callback function| __TPJSL

185 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: c9946af36a2a46eb98a9c9f5e1815abe
www.buhoblik.org.ua/ Name: 54328dacc8285ec61fa19f90fac03db6
Value: f32765381f3823581be50dcb1918af30
.buhoblik.org.ua/ Name: __utma
Value: 21695912.104275366.1645815958.1645815958.1645815958.1
.buhoblik.org.ua/ Name: __utmc
Value: 21695912
.buhoblik.org.ua/ Name: __utmz
Value: 21695912.1645815958.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.buhoblik.org.ua/ Name: __utmt
Value: 1
.buhoblik.org.ua/ Name: __utmb
Value: 21695912.1.10.1645815958
www.buhoblik.org.ua/ Name:
Value: store.test
.buhoblik.org.ua/ Name: __gads
Value: ID=07c8bd964c9f60d1-22b1b7034ccd00a8:T=1645815956:RT=1645815956:S=ALNI_MYky8leVp290azpJsNwN6ej0VdS5w
xn--r1a.website/ Name: stel_ssid
Value: 0c65ae491fae5d5e56_12304931785626380
.w.uptolike.com/ Name: utl_id2
Value: 26249185155
.w.uptolike.com/ Name: utl_dat
Value: "CMmFmpLzLxAAIMnW5JrzLyjJ1uSa8y8wABGrLJhEBmJ22t3ZLgKASws="
.admixer.net/ Name: am-uid
Value: c9946af36a2a46eb98a9c9f5e1815abe
www.buhoblik.org.ua/ Name: am-uid
Value: c9946af36a2a46eb98a9c9f5e1815abe
.creativecdn.com/ Name: u
Value: dal1VIFarWhMb20JIVmp
.creativecdn.com/ Name: ts
Value: 1645815956
.bidswitch.net/ Name: tuuid
Value: c64d842a-61a4-4f60-94d2-59680be6a474
.bidswitch.net/ Name: c
Value: 1645815956
.bidswitch.net/ Name: tuuid_lu
Value: 1645815956
.casalemedia.com/ Name: CMID
Value: YhkolIiGO.verl.gglINwQAA
.casalemedia.com/ Name: CMPS
Value: 1837
.doubleclick.net/ Name: IDE
Value: AHWqTUlhFBKiMcsNz_h8F4xr7L1n3HbY1voYyRFC_Mg3liUwFwkLCDu7i5TdnZryGCQ
pa.tns-ua.com/ Name: uid
Value: ZF553FC380D64FBB8918F150A9E17225
.casalemedia.com/ Name: CMPRO
Value: 668
.rutarget.ru/ Name: userId
Value: ULqVbueui9yk
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 3b95811b-4779-5338-957c-2c4ef76504da
.betweendigital.com/ Name: ss
Value: 1
ads.us.e-planning.net/ Name: CT
Value: 1
.openx.net/ Name: i
Value: 0f262b0a-e4a8-4319-a19c-7a6dc165bfb2|1645815956
.360yield.com/ Name: tuuid
Value: c8b42e30-b81e-480d-8bb8-10b5f3898523
.360yield.com/ Name: tuuid_lu
Value: 1645815956
.e-planning.net/ Name: E
Value: AF57iPnwDoRVzUsH
a4p.adpartner.pro/ Name: apuid
Value: 740f331b-5b49-41ea-b145-aa8450febe7e
tttttt.me/ Name: stel_ssid
Value: 2bc3b2acb10c053634_9637044423242057436
.sitescout.com/ Name: ssi
Value: c5c5ac99-c444-4746-8925-e21f7a8fa26f#1645815956845
.adnxs.com/ Name: uuid2
Value: 1177295049587875137
.betweendigital.com/ Name: ut
Value: YhkolAANI0gxNxtYfmRvlNS3BF9B7GRR8OQ5xg==
.exchange.buzzoola.com/ Name: uuid
Value: c7eec89c-8278-4df1-790f-a0013cbe893c
.adhigh.net/ Name: gi_u
Value: uL05vGpMFQR3.AikABlF_MkaF1A
.adriver.ru/ Name: cid
Value: AAs_4jpkTYiW_ZrnOblcMMw
.zeotap.com/ Name: zc
Value: 820cc4a1-03b6-492e-480d-5ebb6517d89b
.adhigh.net/ Name: bsw_sync
Value: j5l
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 195ECDD6-E5E1-467D-A566-3B8FDE51B157
.richaudience.com/ Name: avcid-zeo-uid
Value: 820cc4a1-03b6-492e-480d-5ebb6517d89b
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0NTgxNTk1NzQ3NywiNCI6MTY0NTgxNTk1NzA4MCwiMzkiOjE2NDU4MTU5NTcwODB9
.adscale.de/ Name: uu
Value: b8c55fcbcbf94b47950c293cf7ca6cc2
.tidaltv.com/ Name: tidal_ttid
Value: b64d5f46-ffe7-4f40-9c98-7a485e032534
.adsrvr.org/ Name: TDID
Value: b4601307-57d2-4990-b1d9-9b5e4e0f1f26
.owneriq.net/ Name: si
Value: Q6991023571048765491
.owneriq.net/ Name: p2
Value: cc
.demdex.net/ Name: demdex
Value: 63985929241775489452071687403370720383
.adfarm1.adition.com/ Name: UserID1
Value: 7068725710564620433
.mathtag.com/ Name: uuid
Value: 0a326219-2895-4400-a64b-e3198aebe87a
.erne.co/ Name: u
Value: VkPvWFM6cK6IXAEDZNLvYYg5
.simpli.fi/ Name: suid
Value: AE82394518B545469440C07B7DC93915
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1645815957522
.tapad.com/ Name: TapAd_DID
Value: cbece377-c25c-4789-a956-26f96151f013
.quantserve.com/ Name: d
Value: EKYBCwHDJfijAA
.quantserve.com/ Name: mc
Value: 62192895-94abe-7d6c7-9062b
.yahoo.com/ Name: A3
Value: d=AQABBJUoGWICEA0i4fnqu9w3mUJAvi3gqVIFEgEBAQF6GmIjYgAAAAAA_eMAAA&S=AQAAAuqXX_x3WlgG41nABClgwvA
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjC2tDK0MAIAHuTKNwkAAAA="
.turn.com/ Name: uid
Value: 2884923494709783854
.de17a.com/ Name: guid2
Value: 1.331010996556342211
.adform.net/ Name: C
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: qbTHGKSyRbyp95
.dpm.demdex.net/ Name: dpm
Value: 63985929241775489452071687403370720383
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7068725710564620427
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b4601307-57d2-4990-b1d9-9b5e4e0f1f26&KRTB&22918-b4601307-57d2-4990-b1d9-9b5e4e0f1f26&KRTB&23031-b4601307-57d2-4990-b1d9-9b5e4e0f1f26
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0a326219-2895-4400-a64b-e3198aebe87a&KRTB&16736-uid:0a326219-2895-4400-a64b-e3198aebe87a&KRTB&23019-uid:0a326219-2895-4400-a64b-e3198aebe87a&KRTB&23208-uid:0a326219-2895-4400-a64b-e3198aebe87a
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2884923494709783854
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEzhFAxfGR-1eoiUpIeokEM&KRTB&16514-CAESEEzhFAxfGR-1eoiUpIeokEM&KRTB&23025-CAESEEzhFAxfGR-1eoiUpIeokEM
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-VkPvWFM6cK6IXAEDZNLvYYg5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-HOUsihjvJIYH7inSSLIwhE7hfoQH7i2FGLUQBQ-n&KRTB&19420-HOUsihjvJIYH7inSSLIwhE7hfoQH7i2FGLUQBQ-n&KRTB&22979-HOUsihjvJIYH7inSSLIwhE7hfoQH7i2FGLUQBQ-n
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1177295049587875137&KRTB&23339-1177295049587875137
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~23fv
.bidr.io/ Name: bito
Value: AAFaCk7EMlEAAAIZopc9tQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.adform.net/ Name: uid
Value: 7765723041879162743
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-331010996556342211
.adsby.bidtheatre.com/ Name: __kuid
Value: ade80291-506b-48f2-b3f9-431276e0e4ee.415029957
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7765723041879162743&KRTB&23263-7765723041879162743
.theadex.com/ Name: axd
Value: 4286930398636631881
.theadex.com/ Name: tis_9AL
Value: 9ALeAqgw
ads.playground.xyz/ Name: connect.sid
Value: s%3AHBqG9Vk4tLNDVZByhmcGuV2unyaSYJLi.FOyz%2BP9AyF3V12G8otDCzJJ6wrfVI4QAs8pYhj8%2FOs0
.krxd.net/ Name: _kuid_
Value: OryTE278
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ac6aae25-0e72-45b3-a444-c79b10316345-003%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/ Name: cookie
Value: cb4342c2ddfde958
.onaudience.com/ Name: done_redirects104
Value: 1
.agkn.com/ Name: ab
Value: 0001%3AIjG9ySEMFY3KuK6lH7C4d6YMSiUOrcCI
.buhoblik.org.ua/ Name: _ym_uid
Value: 1645815960640694045
.buhoblik.org.ua/ Name: _ym_d
Value: 1645815960
.tribalfusion.com/ Name: ANON_ID
Value: alnseFtZdPufm7SpBnA8MBNJpJoM9ZceZa0mZbZabfd1HrE2ZcamsXhi2GMZavgiKL8crHk7jv6mwXlZcXV1rUKNWPqh
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 7531a24999b680d598936a31e2a3ff15
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c64d842a-61a4-4f60-94d2-59680be6a474
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 351135349fake
.buhoblik.org.ua/ Name: _ym_isad
Value: 2
.fwmrm.net/ Name: _uid
Value: "e96ea_7068725714844955781"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8d0a3071-9c6a-474c-6d7a-dcbd7e12536c.i%2BqCCbSEW1hV5g0JxidrOAWJZJ3%2F0n%2Fe24zj6S9zVzc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjQowcZxqR0xtety9fhJTbFLHgik.4%2B1pFkaBjIdustoLFKt7sDMaIZoSKmofnGef%2BXa2in8
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1590882123fake
.onaudience.com/ Name: done_redirects147
Value: 1
.casalemedia.com/ Name: CMST
Value: YhkolGIZKJYA
.casalemedia.com/ Name: CMRUM3
Value: f16219289505a0&1f6219289505a00&27621928950b40&e6621928952760&2d621928952760CAESEGigl7PIg2LFHk9cqdMfYO8&046219289527603244929989922712878&986219289627601ff8a76c-f2ab-4621-868b-4fa3c871ad1b&336219289505a0
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-jQowcZxqR0xtety9fhJTbFLHgik
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiy-oOy_Ka8OhAFGAEgASgCMgsImrqw5ZKnvDoQBTgBWgd4a3N3OWxhYAI.
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ac6aae25-0e72-45b3-a444-c79b10316345-003%22%7D
.ibillboard.com/ Name: ibbid
Value: BBID-01-03205299582133562-16535160
.yandex.com/ Name: yandexuid
Value: 1942822821645815958
.yandex.com/ Name: yuidss
Value: 1942822821645815958
mc.yandex.com/ Name: yabs-sid
Value: 1035780621645815958
.yandex.com/ Name: i
Value: V35YrT65Ri1VJlutYV2DbnyZMBwmIXWguVBBEnYnu1rAiU05ZhCWQrbmi/1vQvsYitQskBJ2GWRykfutIsZ+KhLpTfs=
.yandex.com/ Name: ymex
Value: 1677351958.yrts.1645815958#1677351958.yrtsi.1645815958
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-ac6aae25-0e72-45b3-a444-c79b10316345-003
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "8337d36e4c24a2b6c1c295a5c8c6319f"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHC2Ng8xdgs1STZyCTRKMks2TDZyNI00TTZItnM2NAybXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzrnFGUn5uq4JuflJmTugIsE%252BYatMjCbEl%252BUWb6IhfXxUUpaQyLSopPBe%252BfqQwAihQsNw%253D%253D"
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=13moqy2p8upee&acs_rt=b0679dcfebc54cf6ac1ea43322afa8db
.aliexpress.com/ Name: aeu_cid
Value: 6f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp
.aliexpress.com/ Name: xman_t
Value: 7zvVGkXjfVa7DjbK+Jl0U5v6ar1oXyblfv34tOyyHWCyIjDHSezoD8StHmRto5f0
.aliexpress.com/ Name: xman_f
Value: q8mGA9O8es9Do2HPBhbzkjNOx22///epC3LVei4XL9h1JBaRKPyOwOiu7+7XlNDAu1TAeNZd0JtD9XvjVWNxmXH0/YGGd2JD/jJ6/eGPpraYi90zGen4ug==
.aliexpress.com/ Name: af_ss_a
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.criteo.com/ Name: uid
Value: 61dc3367-e9ed-4c7a-8a9b-3493bdffd6da
.zeotap.com/ Name: zsc
Value: u%5E-%A8%2C%CF%A3%9F%0D%88%C6~M%F1%F2-2%23%7Dw%A9%A2%B8%168%AA%27%B5%83p%D9%1F%0F%A3%1FK%C7%96D%F3%0B%82%EE%CC%B6%01%8E%D0%BF%E7%09K2%D1%AA9%C1%D8%F8%D8z%13%24%EE%87%D3%9A%EB%3F%23%1B%F5%9Es%D6%F1%F4u%E8%AAq%0Fxu%7D%02%D0o%8D%AE%A1%A2g%14%90%86%5E%815+%A0%D56%D2%0B%3AI%27+%AB%0E%09s%BD%1F3h%F7%7FZ%9A%0C%1F%98%90%DA%BD%F8%17%7Fx%07nm%D8%1C%00i%8Cmu%FE+%D9%11%9A%C51e%90%26%85Bz%29%FA%22%D0%0A%CEI%F1%A9%F2%BB%7B%7D%99
.vk.com/ Name: remixlang
Value: 3
.adtelligent.com/ Name: a319130
Value: d6bccc13-2e1b-48a5-84c9-7d5b6db90a98
.aliexpress.com/ Name: xman_us_f
Value: x_locale=en_US&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%226f92cc7010974f44a03f9d2f36d88c8d-1645815958560-08003-_9i9ptp%22%2C%22affiliateKey%22%3A%22_9i9ptp%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224982151647%22%2C%22tagtime%22%3A1645815958560%7D&acs_rt=b0679dcfebc54cf6ac1ea43322afa8db
.adtelligent.com/ Name: a281178
Value: 195ECDD6-E5E1-467D-A566-3B8FDE51B157
.adscale.de/ Name: cct
Value: 1645815959253
.aliexpress.com/ Name: aep_usuc_f
Value: site=glo&c_tp=GBP&region=UK&b_locale=en_US
.m6r.eu/ Name: test
Value: true
.pubmatic.com/ Name: SPugT
Value: 1645815959
.adtelligent.com/ Name: a307971
Value: AF57iPnwDoRVzUsH
.m6r.eu/ Name: cct
Value: 1645815959665
.m6r.eu/ Name: id
Value: eeca0c4d67a4d454e0f30b434e540a60
.ih.adscale.de/ Name: tu
Value: 4#838025851#48~eeca0c4d67a4d454e0f30b434e540a60~457171~0~0#101~BBID-01-03205299582133562-16535160~457171~0~0#38~CAESEOi0VdWb1B9_Hmb3sURBHsk~457171~0~0#39~0a326219-2895-4400-a64b-e3198aebe87a~457171~0~0#40~61dc3367-e9ed-4c7a-8a9b-3493bdffd6da~457171~0~0#42~7765723041879162743~457171~0~0#75~1177295049587875137~457171~0~0#63~YhkolIiGO.verl.gglINwQAA&668~457171~0~0
.audrte.com/ Name: arcki2_adform
Value: 7765723041879162743!20210804!1645815959967
.eyeota.net/ Name: mako_uid
Value: 17f324691d5-2e900000010f4e19
.eyeota.net/ Name: SERVERID
Value: 19993~DM
.audrte.com/ Name: arcki2_TTT
Value: 1645815960114!fc834q4OKQkRWquMN0t9WrmXQ!H4sIAAAAAAAAAB1WOa5FNwhdjGskDxhDGSlKF0VKkd6A2f8Scu6rvp6+rw1ngi5vrrxBOZ/RKr9kc1xyW5F75azhzU7anjzpjCfEdifZPZ2WsWfE03yn8dladh/JuUy8RelWD9oyr57weoPbUb/PeFBfN2mtGt+hTepVynWO5Wl//PnfH3/+9c+/f5MMmn3w7LMlrxHmTrX7IH4l5L2Kqtcr3XrWOS1S1XsIbY5HHLrItSZNV6uV26ZYi7PH7Bufpgetdy6peCdR1FPsw3GozM+bA5fcacTSJ12bwEX3yHP7We+2+XaoxaR4gkP+NvlQp67mmrue12727PIVR6NHaek2uiGbLGQcYPI6V5O1ULd2Ot0Anj0n37hO4/TlecJSm4TUE0VN3UDD5E13F47X3CNG7365TVR0R25KTyfmfGQC2PxwiHHngZoycko6IDxzocVapGtfEhmxfITzG42HPl0ZJHYecOpF1rmTl8Rgn2PxbKPue30vihqgRW4nSGVR5+lddn8PtLx48+S61HMd4tEhst47gfFc5ltvZns2OuTGdO9CT+ei+4Hnbh83/Z2uau2OIVx6CABPWoGarwYI7N3WWPi0vL3td9lQwmu46T0cyijUtCDShfJmtb7t+gME4wDHdbTILwh+b6XZMLmB5/h49GUkK4CTM26S7TRjB+eAXKa1rVDbUCZfCwTnJ7qRTH1Wis/dwW073z/P/oyzOmiBRdxQ+Ja0YIUHq9rpWc4AG3jAXfXOJxrINwZc49OUtYW43nlQjkQQ58Sdx41eJT/WVR2HHqyrxkJzVQICWMyFgf2DoMYBVLO3xUt2daGI+bsp0YJDXiZTodpao9rcgB5ioSWC79mKNDuqly7qc651VhPLOPIWEM8LeX6FL4derDJ96j3s7eoriP0ShI9HXIXwGVjsA52KQ5KIGvjtLZjzkwOtfQbZWJDXg8P7jIp12j7voRGEAxAjVmj0ohAgmqZ6FSyfhvpKzSA1uAwe+ZINtiVV2VYj75nZ+tvnHpBVdtDd4fXdZLgJf3xMWfe14L4DP6CSPATUYN6ZODQQimgYIGZDwGhF5lcpzDlAmzKCDtnKfhI37N1q4y1bTuIAi/cKiA6FDVD6AWo+Tqu777313f/J15DGtyrAEsJie8C4yCfYKwWVru4MI/RfHMJhcG7B+WjvNACRiNVJOW6BljnQGNJTL/IC3xyL0QD2GzcclpL4HBxkKpdOma6LBmG1FuHLwACVrl8WGFnBwQPcXmYPRGkDvx5gm+Y3IRgxCrfYo3Fx7CD5BNzBPjBCJPJP7yeq8SEO8yFd5WAMBO/GHZK8w6GnL5/2Y1JDnOnq6XvI0ODGsaQj+mi/qwixi+cmRLFr4bIzdp+3FYMThQfEj0BPCYK/MAcbwCanRWnj5PtgHkQ8gpMZWXAZhXWEom60vN9DZsJZA1LLDpvzQaBcCaW3x4u446B0gPlGlCAkY4O7NYT0gW++iRT1jti7GGWpMuYj1DVQE3BQFlgq37KNgaXVG89S+cg68DXC/mfOAfk9f6A0FJc0RnWVG7QFQg6iQ00QCWArBcgjEAzQOIL6QGXQhH5S+VSAPiIhgD2zkPNNEdEDeYt8AoELI4vu+Q0IDEJYW2Pttt7ElzsJgxGWUlNIJYtwMMaBEGZhvCqw3AjJT8+ECBHgxPipc8ayuU6tZojFrq4Y/PrhtKGCi90BCOk0OcO5Y7YIGMCMP+NrXBFC19Bn1kzeqT2tQ5k9pmDaT/lCaoJAnfcDA6qClVmSW2mg+Y6xFF9EG2hxwUngu7J/esoNB59+IUB6+QXrl772LUWYO8deCMJAWxoKwh6BsWOgFSpDC6gpCgG1SxizuonWUse8EwyKL6eRBWXIpxAM/I0zGEAzDgQBxh7GB2wO0QEVod5fzMPzeTwMxZsYLuBe1i/EQAueJ+wDa0D3e9ppNwKO/UJyYlfBjIM5sx7t/b7c4YWjDfAG0hAbxvz0khcLSb5JHVsQF2SXPNocO3qCO3Vww/LRwhD6QIhjX+l4u7f5S7QR3y6DzMyO5cIxQCbSGPtQYaPi/wG+QSx8VwoAAA==
.aliexpress.com/ Name: ali_apache_id
Value: 33.0.187.74.1645815960126.045524.3
m.aliexpress.com/ Name: JSESSIONID
Value: 074F04E2EC98865BEF11ABD01F59C13E
.aliexpress.com/ Name: intl_locale
Value: en_US
.adtelligent.com/ Name: a307558
Value: cf1e2b83-7e17-49ff-95d1-db00e3cd37cd
.ads.pubmatic.com/ Name: KCCH
Value: YES
.audrte.com/ Name: arcki2_ddp
Value: CAESEJuNRgEU76Tx39Nn1IAbhzo!20210804!1645815960247
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156631:4
.pubmatic.com/ Name: DPSync3
Value: 1646956800%3A219_201_221_226_227_235_197%7C1645833600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1648339200%3A203%7C1646956800%3A222_204_233_230_238_55_161_7_243_22_189_104_176_54_81_71_99_57_231_244_234_88_21_56_165_13_8_220_3_166_5%7C1646352000%3A223_15_2%7C1647043200%3A35%7C1646611200%3A63%7C1650931200%3A69
.audrte.com/ Name: arcki2_pubmatic
Value: 195ECDD6-E5E1-467D-A566-3B8FDE51B157!20210804!1645815960430
.fiftyt.com/ Name: fifid
Value: 4f82dcb8-d8cb-4003-616e-73427065c47f
.fiftyt.com/ Name: cs
Value: MTY0NTgxNTk2MHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fLOFvYrD0K0IiZ9NCXCfcNCMGt8yfP_9slYJTtUQu3Dp
.semasio.net/ Name: SEUNCY
Value: 9A726BF3D0220D2
.w55c.net/ Name: wfivefivec
Value: 9SFmwGc41NnFUI5
sonar.semantiqo.com/ Name: semantiqo_a
Value: 829dd9eeabb44081afc89ede6a6968ab
www.buhoblik.org.ua/ Name: dbl
Value: 829dd9eeabb44081afc89ede6a6968ab
www.buhoblik.org.ua/ Name: fco2r34
Value: 829dd9eeabb44081afc89ede6a6968ab
.fiftyt.com/ Name: fppm
Value: 20220225190600
.audrte.com/ Name: arcki2
Value: fc834q4OKQkRWquMN0t9WrmXQ!20210804!1645815960575
.w55c.net/ Name: matchpubmatic
Value: 5
.creative-serving.com/ Name: tuuid
Value: a62e0b1d-bc55-44c1-9b8e-c61d9ed7700a
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDc1Nkw0MrG0tEwyszBIMbW0sDQ2SzQ2TDVKNE5LMzRlAIIkSY0Zf%2F%2F%2F%2F88P4kAAAIu3DXU%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIktSYAaSgAAAPGwE8"
.adtelligent.com/ Name: a323546
Value: YhkolIiGO.verl.gglINwQAA&668
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:9SFmwGc41NnFUI5
.aliexpress.com/ Name: account_v
Value: 1
.aliexpress.com/ Name: intl_common_forever
Value: XAEicfabBpyHuexWXImVbY+KL0sDfG4gIyqe5LCGHTOocIVBKurSrA==
.aliexpress.com/ Name: e_id
Value: pt90
.adtelligent.com/ Name: a289656
Value: c8b42e30-b81e-480d-8bb8-10b5f3898523
.ipredictive.com/ Name: cu
Value: f8b2517f-966d-11ec-a977-0544ef27bb02|1645815960968
.caltat.com/ Name: caltat
Value: 482c8ce4267845978669ffaeb8eb7ffd
.caltat.com/ Name: off
Value: 482c8ce4267845978669ffaeb8eb7ffd
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-f8b2517f-966d-11ec-a977-0544ef27bb02&KRTB&23011-f8b2517f-966d-11ec-a977-0544ef27bb02
.pubmatic.com/ Name: PugT
Value: 1645815961
.adtelligent.com/ Name: a309255
Value: e5549b9c-f4b0-4f07-90c6-729024194ec2
.adtelligent.com/ Name: a297253
Value: 1177295049587875137
.adtelligent.com/ Name: a309017
Value: c5c5ac99-c444-4746-8925-e21f7a8fa26f-62192894-4348
.adtelligent.com/ Name: vmuid
Value: cceba9e670db1a97
.adtelligent.com/ Name: p440467
Value: c9946af36a2a46eb98a9c9f5e1815abe

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D820cc4a1-03b6-492e-480d-5ebb6517d89b%26reqId%3D01a69fb6-c7bf-446c-5838-202b90b7ba20%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9560.NKnCRd8eIwWSLaaIJ3FOc2PxtTrOEcKM373tmgHdf0Zh6XuNRAW3fLOWA4yo_qC6bp7kMTx3thTvxBBSnYozjw%2C%2C.Q5-BIAhbHRoH8bMT6GV-E5Akh8E%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=820cc4a1-03b6-492e-480d-5ebb6517d89b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=820cc4a1-03b6-492e-480d-5ebb6517d89b&reqId=01a69fb6-c7bf-446c-5838-202b90b7ba20&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://mbest.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acs.aliexpress.com
ad.360yield.com
ad.adriver.ru
ad.turn.com
ad4m.at
admixer-sync.rutarget.ru
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
ae01.alicdn.com
af.click.ru
ap.lijit.com
api.pinterest.com
assets.alicdn.com
aud.pubmatic.com
avto-oblik.com.ua
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
buhoblik.org.ua
c1.adform.net
cat.nl.eu.criteo.com
cdn.admixer.net
cdn3.caltat.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.mail.ru
core.iprom.net
counter.yadro.ru
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
d.turn.com
d5p.de17a.com
dis.criteo.com
dm.hybrid.ai
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
docker.creative-serving.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
event.clientgear.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
grsync.ru
i.e-planning.net
ib.adnxs.com
ic.tynt.com
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
intercollectcontact.ru
inv-nets.admixer.net
jaclick.ru
js.adscale.de
js.cookieless-data.com
loada.exelator.com
loadeu.exelator.com
loadm.exelator.com
m.aliexpress.com
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mbest.aliexpress.com
mc.yandex.com
mc.yandex.ru
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.adhigh.net
px.owneriq.net
resolve
rtb.fr.eu.criteo.com
rtb.gumgum.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.click.aliexpress.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
sale.aliexpress.com
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
sonar.semantiqo.com
spl.zeotap.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.tnsis.ru
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.trafmag.com
tags.bluekai.com
tags.crwdcntrl.net
tlgr.org
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
tttttt.me
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
umagnet.ru
ups.analytics.yahoo.com
us.creativecdn.com
usermatch.krxd.net
visitor.fiftyt.com
vk.com
w.uptolike.com
www.aliexpress.com
www.buhoblik.org.ua
www.google-analytics.com
www.google.com.ua
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xn--r1a.website
acs.aliexpress.com
ae01.alicdn.com
assets.alicdn.com
resolve
sync.console.adtarget.com.tr
sync.spotim.market
us.creativecdn.com
www.google-analytics.com
www.googletagmanager.com
104.111.215.191
104.111.216.213
104.111.242.53
104.111.245.23
142.250.185.226
142.250.186.130
143.204.98.111
146.0.227.110
146.59.18.237
15.235.15.221
151.1.205.165
151.101.193.44
151.101.2.49
159.65.196.12
168.119.79.223
169.197.150.7
169.50.137.182
178.250.0.139
178.250.0.162
178.250.2.148
178.250.2.151
18.156.0.31
18.193.91.79
18.195.234.70
184.30.24.193
185.184.8.65
185.29.132.241
185.33.221.186
185.33.221.88
185.64.189.110
185.64.190.80
185.64.190.81
185.64.190.87
193.200.65.5
193.200.65.6
193.232.148.140
194.213.62.34
194.247.175.26
195.5.165.20
198.47.127.19
198.47.127.20
2.18.233.180
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
205.234.175.175
209.54.180.3
212.82.100.182
212.83.160.162
213.155.156.184
213.19.147.45
216.52.2.19
217.197.112.80
23.37.42.132
23.88.75.187
2600:1f18:6593:f606:2bad:1cf:7b7b:1af
2600:9000:2156:7800:f:4f64:8940:93a1
2606:4700:10::ac43:db6
2606:4700:20::ac43:4a81
2606:4700::6810:125e
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:7a60:0:109e::1
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::2
2a02:2638::3
2a02:6b8::1:119
2a02:fa8:8806:13::1400
2a03:90c0:41:2801::254
2a04:4e42:400::300
2a05:d018:24:b001:5899:3097:1c05:cac7
2a05:d018:d29:3602:550:4075:c055:f9b4
2a06:6440:0:2d02::1
2a0c:5c81:5139::2
3.120.18.167
3.122.33.49
3.124.210.90
3.228.116.73
34.102.253.54
34.195.210.70
34.246.50.75
34.248.69.2
35.158.245.151
35.201.81.244
35.201.96.126
35.227.248.159
35.227.252.103
35.71.131.137
37.157.3.28
37.157.4.24
37.157.4.28
37.18.16.21
37.252.172.249
38.27.122.158
44.193.191.16
46.249.52.248
46.249.52.249
47.252.78.131
5.161.47.120
5.178.65.252
51.89.9.251
52.203.60.58
52.213.253.251
52.214.30.104
52.30.140.199
52.94.222.140
54.236.185.42
54.76.200.156
54.78.254.47
62.109.14.161
62.149.0.72
63.251.232.165
63.33.153.210
66.155.71.150
66.155.71.25
67.202.105.34
69.173.144.139
69.173.144.165
72.251.244.140
72.251.249.9
77.243.60.138
77.95.131.196
80.64.106.152
81.222.128.14
85.114.159.118
87.240.190.78
88.198.31.232
88.212.201.198
89.163.159.104
92.63.105.49
94.100.180.54
94.23.73.243
95.163.114.204
95.216.186.40
95.217.109.66
95.217.86.150
96.46.183.20
002a93857ca724d4828a347c2b419a56eabfd275f206a5febc48246ccfe5830d
01385d72237221efb40ab2c23514e20a92ab9c0cd0264e8064f03f0cb941de6d
01e4f178cabed5f54cda7846ca2fac2d0c8d95fb5a43ef9fa1d5a62d3db56975
025f21eecffd5e4f53f86bfa0cab271497f9e7971e629bb23b8ebe6a8a3f42c4
02caf705996ed3af1e8c494d61d835c04dc590588b0bc1bd7982604201e8dcbc
052155039c13b233f324882bd10dc38150b5bd74fb44f27c0ead4d518fbc901b
066e76a48db7e999de6582661a437987bd8371bbed98db566966ea7008b0b2a2
07b43331e6b2ecf07b979f066b7246ba0ca5e7d6c6bd3046628045ff72f41ec5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0ed54caee84c318d07d509d9c9202e69cbcc2cea84cee602621292e7618808ff
0f84bd73c88c389d112f8ed3e53a66e76486943f3642de33d6df1c853f735a60
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c7ccd354d975ee1e5018cf91d57b416a928d1e9590cc2ee92cf312449145b1f
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
1e589330bfeb3738300c3c79d0bd373cd6f17cd8904927c7b99a06de2d1e647e
202e913beddc16fe6e985984da2d8f17ecd17b3da0fef608d2f0299734466cc4
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
208aedb9771b0e9279ae44de1b2c16711e0fb18425b88790313b19cc3d8e1dfc
2457f1105373752b385b0c0263ce46b21d60c9aa05ecbf30c150543d6c23ebb5
2485fd84df2f7888bfb99c499ea6cafb20f39127ec6fd0f72ddc2b77d02fdf08
2655e4b9178a58fcc8f24db4f58c58a80a4825f7a4819f8d3e162fc91fd6efbf
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2a848f4ba76e34a35cd995394dcafa2a3423fa76c761968db197ac1de002d2fc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aae5c7ebe833368b30ffc888cc34827b1b6629be3d882c695ab0608b1802745
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f389e83ac014e726db63d9ce25e782501ef88fb2699edead3cc9a0cb6373fce
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5b2833db1493d3cf56c173ea1bbebb6e07b2871466493c41e9c683f0485188
3275b47087afcb3c7628878e40c61e9ee9c1b90f8a265bf2a9aa9d5f0d233762
33f9b37b3d213f4a58930a3fa37c70bf2aa96478c2a82862d7bbe25e1452f11f
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
35c77074524fa5705ce81fb0cea86d0ec3af63e64d8219d9722e8b947d09323f
364d35565bf184c65b556bdf437f92ae4308d3c837416f48f79d66d9a343aa3a
36a8cc71b8c024b285afdf588deb67f2f3ae0b44bb438c65bb9b62a1247c3e3f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37024e91b4aeb0afb865f6fc5fd3fb99d0738ac8afc05c5b3fb15503b72bb642
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3887f0e3d7b1971098416bd5e0dc53064bdadeacea122b51053a2ed74dbb177f
39d7baa5797d401733cfc40ff26c35e4f4d7318ffcaa221ecf767b4f33bb26cc
3b2212ef1c4d336fbd7983a732d88fa83423a25453209f02f18ab878218d505d
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f13c18a72dbb2df0bec3bab6ed0bf00ae54cd5ab23f21a412cda735ee4e1fda
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40529330c6cdcd0c00f51554bbe60f0efb95e6d861f9e82f5a8e1accaecc7460
45d97acdd00d9a3d34aa565be8341f8e38a3cdd0d89d37df9fa4d64f1a9e21fe
46f8f0467866bd42499166befd0405d7aa79804d7c6e6811127737ea3edacf11
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a8a58134ab0ffbb7251e7015612cdc8633a8c663ef5e2bb94328c3ba53dd390
4a917cbd424303e1b6d60dc0184972732a71937e7897c62989ed366984dbc6ce
4c7464e5ffa964637861f94de3d75d7b3ca3932f7ddb6812cbd826d598904d68
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
51016ca52f4b5ea24337df4e3555e8982a386b8cbf81d3064a5022d856688a62
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb
51ea27ad151cf652c9c715f857d79788571e9b507aee2d39c650c8c524bd2e72
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d45bafead32e120467c516a40cad41128ad63b258bac104bebdad2eeade16c
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5a7e535789afbf2902aa1d65d2c670dd9b33440a09a1f842cd96d34af1db3bd9
5c4179f81887adb77b4ed0c03ab4594316179c6fc7e2b78e6958047c2444ade3
5fe833c23075cb21c9eef60d0e819155ad9521ffd91998d3ce116b669e946bcf
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
6424d4f142db78c4c986f276dbb6eb8be9886282c0239a8e8d9cda3f00a9ffeb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cfb1efd2df33497cd72c419b6d3937b1d23e58f355b71f567e1adfdedd818f6
6d50a69b479029d0d1cc0f1e90759a3bcdf1895c518bf4e5bd59879d5f299448
6f8341b02568f0c21ecb4d8bfaea05b0308bc5ec1867d3d7f265107ae3002c11
72312896f981109051b84114eeb536be4f5022de13514660739d253f0ed09304
72a43e51299d6c00a7f3008fad41c177df63f2ac771b147b0a6b2100161a4586
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
773b8e2167621cf7d67f1c7673da9be972cfa1ffa9aebcc6ce83deabeb8e7d53
7a1934a4f985460636c5c11f3594f3d1eaeec946c181629463bd7c6fe8b83c94
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7bb3346371cffae91e494ffea471d08ebeaeac780114953e17419eb9bf93ff95
7d11b40d79fdc071dec110e88bc6fbd99e832b197180d0c9515cc8f99603c29c
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
88467b23c1044f571783e76997720036df1c0a9925eee5f428c7ff150fa7da56
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8980be134f83d21785afcf8f206c753e7dbdb6359cc236e336609eb28f0115e0
89c114dc23d61c6b428f26c214e96d1fd49b43c8f777c8fcbb9ffdee7a84d81f
8a71d1d3969b52863691197945e25159d7171b948524d9b9c224395dd6676b2e
8b7ea24747712484c1c05b0337f5538e246fb01a18b8d14ddd2de428f444ea92
8cd650efeae1f95b7655b227ec7cdf9379cc46c40189aaa08163d2ced84dc5cc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfbfa16c85400143f85eb24eef8df723fd19c190f841c2c5ff22b8d0a5eeb09
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fd5f6e7503d4078925f3fada4d3b42ec4e036bf844ee62621f9c6c0272a1495
971fdcab3ba510789903db0ad9ef8e1cfa1c549774ae463b6098c9c5ef8b0132
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9ae18df2794e90c3f0657da4efd2ee7cb9c7dd294f1f3a9199e4f8bab554f3
9dcf84784d9d584b2f4a3a244fd4124d6939bf424150c01b5e038f055b54b833
9dfa629f6e589820f635505baf15af345cb6b3d6fb89126f5bf75cba3046630e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d35007c83b3689910808811412e63293a2ae2abf1180a2dbaf4b3f7bb91ce9
a5999cec348d9c44155de3607778eab37958803f0e379211a327cb5b5f69b2db
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7720e800816b4a0252763ebfe9df86db00185b67657b87c2d0c8096023e1c93
aae7a0b108e6ba697943a6db3cc86164fefc835f8070a9a93425487776cef956
ae12e6ecdb6dea284bb7dffd4868d0e21f27d6f730cf6544e31f940a61412e5d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b248eb55fe8b7dcbc9b631a7eb4fbd1bb7ccfcdf0892f5ac230ce5ffd53ed92e
b53e598b65927cfe813d8fc0140e38492dc672c81062f1c5db566c23b04459fc
b89a9f540b409599b6239fdd4d237c3e0da0cb019e3b04cf0dcc89c1db82d378
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c1922061e01300c6b8d0e9a9dbc638c2eb7b2f5cf9e7690791bf7be4dd8733d6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6d254ee6b05a14666952b2b7629dedc518103bfed8a8d6ee0c1cbe28f76c6fd
c8e9dc9ff0e6bac845dc13ae72500cd84a2cb5c09e14a51a20f37e3a35b26c5a
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9e6d1a665711c4f829583ad797c12a623991cb1cce1b4f54f32bfb6859f27b
d1cfb6f2358c0dbfe90adc4d94ed03725ce84de91cef3778ce0696c19de9c8a6
d1da0b01a7288710a9b8eb6922accfe64f9a895633ad63867e56f1f41b6da05f
d49d19615523e1f1c471ed886c0580af7a1ced862c588cccdbea5589d31a5acb
d55d7104a0d0ff35d25e1a137a9aab4df566ceb08866807e019434ac45bcc704
da8acdf8975a6bcb47b4640db38b3f91bc3a48e7cbf548b830575d491cb6a0cd
db3f8c106db649397b8741340fd881b1a555442d3084fab0eee2f6077c854b83
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
def453926bf1e0d62bf8a4cf5c409dd333a049f547e470a509cc738bede438c7
df924700bda8bec99aa5731304e351c07299e5b5df92a6dfedbe857871358cbd
dfb51a77a70ed38db9330f3c37cbb927f065a9a19b2ccd0edccc98dc6fd734ae
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e114394d6b0349144b28d679b6c44fcadbcab634789db73b84ca6e4b55c61dc3
e2cd8a1e5b85cfa69fc04b46ffbf11536afad6e6080e9bf008a0f557cda23c88
e2d9112492a92b8c963f9ded23ac179a118b82c32fe8d6d28c218abc5a076173
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48afda541635daaa863c2409860c358bfe2b7e5c54423d42dd32ebbbc851007
e6972fe2e229ab6115456a139aa95cd8ba67c16ff866efcc1bd6e0cce6407c91
eb67f0a083db90b7da9b98a8a8a78ac8ab2c5c7f813126927f7282a16a8abc0f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efccc83a6ec67c6407f4b2d9664b3033562cc7294b371cd89b5b6541080e4236
f1a47e61dfbe2a0ba893af1d972ab9dafc04d96f5e816f7516f4c5414bd8b849
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
fbe1d847315188ea2d92fc31cffac79b123cccf0db720e905d22ef7685a066ab
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb