urlscan.io logo urlscan.io
SecurityTrails logo

friends.in.ua Open in urlscan Pro
91.240.20.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://friends.in.ua/
Effective URL: https://friends.in.ua/
Submission: On December 13 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 9 countries across 44 domains to perform 448 HTTP transactions. The main IP is 91.240.20.7, located in Lithuania and belongs to WIBO-AS, LT. The main domain is friends.in.ua.
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.
This is the only time friends.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 56 91.240.20.7 59939 (WIBO-AS)
1 2606:50c0:800... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 89.149.200.234 60781 (LEASEWEB-...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
8 2a00:1450:400... 15169 (GOOGLE)
1 144.76.109.99 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
3 91.228.155.126 44066 (DE-FIRSTC...)
1 91.227.52.186 56806 (ASCOM4S)
16 65.9.86.82 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 7 89.108.119.43 197695 (AS-REG)
4 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 213.196.39.165 7979 (SERVERS-COM)
15 185.184.8.90 204995 (RTB-HOUSE...)
24 89.149.192.65 60781 (LEASEWEB-...)
35 185.89.210.141 29990 (ASN-APPNEX)
1 157.90.0.13 24940 (HETZNER-AS)
15 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a02:26f0:340... 20940 (AKAMAI-ASN1)
5 5 184.24.9.113 16625 (AKAMAI-AS)
10 104.109.78.125 16625 (AKAMAI-AS)
12 138.201.220.30 24940 (HETZNER-AS)
2 8 185.29.134.249 30419 (MEDIAMATH...)
12 34.243.93.43 16509 (AMAZON-02)
3 184.30.20.207 16625 (AKAMAI-AS)
13 88.221.168.189 16625 (AKAMAI-AS)
11 185.89.211.84 29990 (ASN-APPNEX)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a02:26f0:480... 20940 (AKAMAI-ASN1)
36 37.157.5.142 198622 (ADFORM)
6 81.17.55.160 60781 (LEASEWEB-...)
1 5 138.201.63.164 24940 (HETZNER-AS)
1 5 138.201.63.149 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 138.201.84.244 24940 (HETZNER-AS)
5 69.173.144.165 26667 (RUBICONPR...)
18 37.157.5.73 198622 (ADFORM)
1 69.173.144.138 26667 (RUBICONPR...)
6 6 145.239.193.130 16276 (OVH)
3 88.198.250.30 24940 (HETZNER-AS)
3 6 23.67.134.223 16625 (AKAMAI-AS)
3 3 85.239.105.10 16097 (HLKOMM 04...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 94.23.99.218 16276 (OVH)
3 54.76.176.197 16509 (AMAZON-02)
6 185.86.138.124 201081 (SMARTADSE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 88.212.202.52 39134 (UNITEDNET)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 168.119.149.178 24940 (HETZNER-AS)
1 178.250.0.157 44788 (ASN-CRITE...)
448 58
56    91.240.20.7 (Lithuania)

ASN59939 (WIBO-AS, LT)
friends.in.ua
1    2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)
kodir2.github.io
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
10    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    89.149.200.234 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
franecki.net
5    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    144.76.109.99 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.99.109.76.144.clients.your-server.de
stats.myangular.life
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
partner.googleadservices.com
adservice.google.de
3    91.228.155.126 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde377-1.fornex.org
aurabom.ru
1    91.227.52.186 (Russian Federation)

ASN56806 (ASCOM4S, RU)
www.megastock.ru
16    65.9.86.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-82.ams1.r.cloudfront.net
sholke.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
7    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
4    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
15    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
1    213.196.39.165 (Netherlands)

ASN7979 (SERVERS-COM, US)
mxtads.com
15    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
24    89.149.192.65 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
35    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de
shb.richaudience.com
15    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ac3bcb6729b00b4ccdfb92d35dc43719.safeframe.googlesyndication.com
6    2a02:26f0:3400::5f64:9e19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
5    184.24.9.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-9-113.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
12    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal9000.redintelligence.net
8    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
12    34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
3    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
13    88.221.168.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-189.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs.com
11    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
6    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a02:26f0:480:10::213:7e97 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
36    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
6    81.17.55.160 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
euw1.smartadserver.com
5    138.201.63.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de
hal90006.redintelligence.net
5    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
18    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
6    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
3    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
6    23.67.134.223 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com
www.awin1.com
3    85.239.105.10 (Eilenburg, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
12    2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)
www.parship.de
3    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
3    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
6    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
3    2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
59 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
cdn.adnxs.com — Cisco Umbrella Rank: 1392
ams3-ib.adnxs.com — Cisco Umbrella Rank: 8220
acdn.adnxs.com — Cisco Umbrella Rank: 579
312 KB
56 friends.in.ua
friends.in.ua
2 MB
54 adform.net
track.adform.net — Cisco Umbrella Rank: 4163
s1.adform.net — Cisco Umbrella Rank: 9699
560 KB
36 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1508
euw1.smartadserver.com — Cisco Umbrella Rank: 34313
www8.smartadserver.com — Cisco Umbrella Rank: 6144
49 KB
25 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 55258
hal90006.redintelligence.net — Cisco Umbrella Rank: 666810
hal90009.redintelligence.net — Cisco Umbrella Rank: 706826
hal900026.redintelligence.net — Cisco Umbrella Rank: 505942
553 KB
21 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 860
eus.rubiconproject.com — Cisco Umbrella Rank: 547
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2189
57 KB
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
mug.criteo.com — Cisco Umbrella Rank: 3032
10 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
ac3bcb6729b00b4ccdfb92d35dc43719.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
245 KB
16 sholke.com
sholke.com — Cisco Umbrella Rank: 146180
51 KB
15 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6590
3 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 23256
2 MB
12 parship.de
www.parship.de — Cisco Umbrella Rank: 316772
44 KB
12 mediamathtag.com
s.update.mediamathtag.com — Cisco Umbrella Rank: 8932
59 KB
12 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2356
apps.sascdn.com — Cisco Umbrella Rank: 7554
73 KB
11 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3593
pixel.mathtag.com — Cisco Umbrella Rank: 910
5 KB
9 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 79736
medialead.de — Cisco Umbrella Rank: 79042
3 KB
8 gstatic.com
fonts.gstatic.com
93 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9046
3 KB
7 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 15547
49 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16963
4 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
161 KB
6 franecki.net
franecki.net — Cisco Umbrella Rank: 142968
40 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
40 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 311
37 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 instana.io
eum.instana.io — Cisco Umbrella Rank: 6880
29 KB
3 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 170782
936 B
3 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 380354
3 KB
3 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 77716
1 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4242
58 KB
3 aurabom.ru
aurabom.ru
45 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
58 KB
2 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4114
sync.richaudience.com — Cisco Umbrella Rank: 1837
453 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 11832
914 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
86 KB
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11213
287 B
1 mxtads.com
mxtads.com
6 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 840
464 B
1 megastock.ru
www.megastock.ru
2 KB
1 myangular.life
stats.myangular.life — Cisco Umbrella Rank: 97236
187 B
1 github.io
kodir2.github.io — Cisco Umbrella Rank: 217788
2 KB
0 yandex.ua Failed
mc.yandex.ua Failed
0 takedwn.ws Failed
test.takedwn.ws Failed
448 44
Domain Requested by
56 friends.in.ua 1 redirects friends.in.ua
ajax.googleapis.com
36 track.adform.net ced-ns.sascdn.com
s1.adform.net
35 ib.adnxs.com hb.adpone.com
acdn.adnxs.com
24 prg.smartadserver.com hb.adpone.com
18 s1.adform.net track.adform.net
s1.adform.net
friends.in.ua
16 sholke.com friends.in.ua
sholke.com
15 bidder.criteo.com hb.adpone.com
15 prebid-eu.creativecdn.com hb.adpone.com
15 hb.adpone.com sholke.com
12 www.parship.de hal900026.redintelligence.net
hal90006.redintelligence.net
hal90009.redintelligence.net
www.parship.de
12 s.update.mediamathtag.com friends.in.ua
s.update.mediamathtag.com
12 hal9000.redintelligence.net friends.in.ua
hal900026.redintelligence.net
hal90006.redintelligence.net
hal90009.redintelligence.net
11 ams3-ib.adnxs.com hb.adpone.com
sholke.com
cdn.adnxs.com
10 acdn.adnxs.com sholke.com
hb.adpone.com
10 eus.rubiconproject.com friends.in.ua
eus.rubiconproject.com
10 pagead2.googlesyndication.com friends.in.ua
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 tags.mathtag.com 2 redirects sholke.com
friends.in.ua
8 fonts.gstatic.com fonts.googleapis.com
7 mc.yandex.com 3 redirects friends.in.ua
7 x01.aidata.io 1 redirects friends.in.ua
x01.aidata.io
6 www8.smartadserver.com friends.in.ua
6 www.awin1.com 3 redirects sholke.com
6 pv.medialead.de 6 redirects
6 euw1.smartadserver.com ced-ns.sascdn.com
6 apps.sascdn.com ced-ns.sascdn.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
friends.in.ua
pagead2.googlesyndication.com
6 ced-ns.sascdn.com friends.in.ua
6 franecki.net friends.in.ua
franecki.net
5 token.rubiconproject.com eus.rubiconproject.com
5 hal90009.redintelligence.net 1 redirects sholke.com
hal90009.redintelligence.net
5 hal90006.redintelligence.net 1 redirects sholke.com
hal90006.redintelligence.net
5 secure-assets.rubiconproject.com 5 redirects
5 www.google-analytics.com friends.in.ua
www.google-analytics.com
www.googletagmanager.com
4 securepubads.g.doubleclick.net sholke.com
securepubads.g.doubleclick.net
4 fonts.googleapis.com friends.in.ua
hal900026.redintelligence.net
hal90006.redintelligence.net
hal90009.redintelligence.net
3 eum.instana.io www.parship.de
3 ad-server.eu sholke.com
3 medialead.de 3 redirects
3 trf.greatviews.de 3 redirects
3 pb.media01.eu hal900026.redintelligence.net
hal90006.redintelligence.net
hal90009.redintelligence.net
3 hal900026.redintelligence.net hal9000.redintelligence.net
hal900026.redintelligence.net
3 cdn.adnxs.com hb.adpone.com
3 pixel.mathtag.com friends.in.ua
3 mc.yandex.ru 2 redirects aurabom.ru
3 aurabom.ru friends.in.ua
aurabom.ru
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net hb.adpone.com
static.criteo.net
2 www.google.com tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net friends.in.ua
connect.facebook.net
2 www.googletagmanager.com friends.in.ua
aurabom.ru
1 mug.criteo.com
1 sync.richaudience.com
1 counter.yadro.ru 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ac3bcb6729b00b4ccdfb92d35dc43719.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 shb.richaudience.com hb.adpone.com
1 mxtads.com aurabom.ru
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.megastock.ru friends.in.ua
1 stats.myangular.life friends.in.ua
1 ajax.googleapis.com friends.in.ua
1 kodir2.github.io friends.in.ua
0 mc.yandex.ua Failed friends.in.ua
0 test.takedwn.ws Failed kodir2.github.io
448 67

This site contains no links.

Subject Issuer Validity Valid
friends.in.ua
R3		 2022-10-31 -
2023-01-29		 3 months crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
franecki.net
R3		 2022-11-26 -
2023-02-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-21 -
2022-12-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
stats.myangular.life
Sectigo RSA Domain Validation Secure Server CA		 2022-09-04 -
2023-10-03		 a year crt.sh
aurabom.ru
R3		 2022-11-26 -
2023-02-24		 3 months crt.sh
megastock.ru
R3		 2022-11-08 -
2023-02-06		 3 months crt.sh
sholke.com
Amazon		 2022-11-28 -
2023-12-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
mxtads.com
R3		 2022-10-22 -
2023-01-20		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2022-02-15 -
2023-02-15		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
update.mediamathtag.com
R3		 2022-10-22 -
2023-01-20		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
www.parship.de
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-17 -
2023-11-17		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh

This page contains 72 frames:

Primary Page: https://friends.in.ua/
Frame ID: 47057575C0B50990383C167BB09ABDDD
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 00044399530A5999CB29200501900960
Requests: 1 HTTP requests in this frame

Frame: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Frame ID: 0540BC3F8C6804FF94565C4ED2F8E3B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1670900663&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670900663034&bpp=3&bdt=716&idt=189&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2670508497009&frm=20&pv=2&ga_vid=845992931.1670900663&ga_sid=1670900663&ga_hid=542884158&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071277%2C44780792&oid=2&pvsid=3278526591422257&tmod=725266722&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=225
Frame ID: E37DE326EC24D56839E28FBEDFC6F426
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5BA34C877450C39B3D1C5923B1B949CB
Requests: 19 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=knmkvkwmj&e=1524064857105
Frame ID: E345C49A5D33A6047FB8F6D0C0EAC6A0
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=itnvaapo&e=1524064857105
Frame ID: 12B0FF6180EBDCDC80481D5B6C31885B
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=hfrveoza&e=1524064857105
Frame ID: 0AB3574197DFD98E110F2AB5DA873844
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Frame ID: 4927CDD8CD70D8372BC85FB33C827A92
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Frame ID: 95274561E06A6F12317CD89635FA6EE2
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=kmjolxcm&e=1524064857105
Frame ID: 55AF75D5391BCB494C9E56B3FD800284
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ocmjq&e=1524064857105
Frame ID: D59B961303FAE1F7F1DE15323A833B2C
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=cddnzhbvb&e=1524064857105
Frame ID: 6130CA2463BC335EE560C83B6D7AD1BA
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=skiweek&e=1524064857105
Frame ID: D8F54BB3BBE33B29B6825A7F9DD4BCC6
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=dgrhxzjqm&e=1524064857105
Frame ID: 483CA4A310421C0A7A3DD9901FD08C46
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ikbysaw&e=1524064857105
Frame ID: B38BF084A58B5DB2FFE8BA75811C56FB
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=yqohrxgm&e=1524064857105
Frame ID: A8F98A7311EFE486B1F2E3A0C3C53F29
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=plxhds&e=1524064857105
Frame ID: D4F3BF126E31B72DCA631FA384C5009A
Requests: 6 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ammlwb&e=1524064857105
Frame ID: 360CF799835FAB96F34DEFDC3DF7085A
Requests: 6 HTTP requests in this frame

Frame: https://ac3bcb6729b00b4ccdfb92d35dc43719.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: FDDEE15638CAD4FF04F0AFEB8B508469
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: CC6B00F097175F065F6C06EA11086AFA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: B1B675237C2BC330131C480AD3959297
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 80849E21DFF61F94A96DAE77AFFFA968
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 983FF7FA7A5900F62B95F43FB59D694E
Requests: 4 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 161FD95D3CA4509AD615D6BAC06C8C54
Requests: 2 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=7519516833810243741&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Frame ID: C176B3E2F84F7B28F5620B8FC7D9A72E
Requests: 25 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=6366595329203396825&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Frame ID: 3428BD5C244CCDF25FF887AC01068490
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: BCA49E5FF30681E0119F07B73EABF14C
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 8056D2110D77012B1187D9C311744DD4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: DAFC32517C6FB766EF1C745F03197C58
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: B9A1DBB81F0B4BC609FEE643523E514B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 5E6A98657BEB3004FACEB76BFB9FCC1A
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: D06A9512E5624A89FB0F2849C68EE2F2
Requests: 2 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%226054411e-56b9-4529-a5c7-0caf63bd1e04%22%2c%22adomain%22%3a%22rumpopn.com%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2258441608%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222819364%22%2c%22adid%22%3a%2258441608%22%2c%22hash%22%3a%22-7782229621295426521%22%7d
Frame ID: 2A6CB83C0B56B88385629D2A693D34A2
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=58441608;rtbwp=fDlGELgw_LYpPWbcaRLTo71WBq8Wwe88HLYMgA;rtbdata=EgHIUscw8nuwzdRJYb7m9YozsmgFr4h66kkrem_n4pWYKyY27RLn2--7UQrQavP22hj6R4ZnCmZlEYXDnAyctXSPuRfwq2U-0tZ2gHoqt3dwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufbTxdNCFNgtsYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1
Frame ID: 3443064CEBC41A9CDC66D3AFE2DA3917
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22cff4e43d-8fd9-4eff-8813-afc8b698dc06%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2258871330%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222821951%22%2c%22adid%22%3a%2258871330%22%2c%22hash%22%3a%229035198099596091152%22%7d
Frame ID: 24CE474B8B9B9B376D3AC2CC6800137B
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=58871330;rtbwp=awkkLAPbe_0lwkEx38vCJ4JzsA9WBZfr8M4wPg;rtbdata=xyM5PMf_e7HMNJiEZyaoh34DzZ_1c6RvttvmmmYAHQrjw8f5yuW2b98e2NGQNPpHo6lrrtXl9r10TwS1CH1FAv18cWo3qXfQQQj86ERciR9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZ2yZ_uCUCXkYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671VyeheoegvN1zZPSVCRcBPzE1
Frame ID: 2FF48173083D487E3712965796E4A2DB
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2258521dfa-fe3f-4f72-9d27-83fb3de0f721%22%2c%22adomain%22%3a%22wohntraum-weiden.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2256588294%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222744137%22%2c%22adid%22%3a%2256588294%22%2c%22hash%22%3a%22-4790844819760506036%22%7d
Frame ID: 42D80F848FCA4D89D9AEB865274CD090
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=56588294;rtbwp=5gcch0fRL-fyzPOzRMHXEzR4Q1prnYd_Tc_oQQ;rtbdata=dVWYmnj-zflUAf1Txsqp5Ub7XDhUkMlG3XZz0AVMArHLfvca8RlJqeJP3jCI3qERBLOwN9YqiXvKc8PD78MKgOVRhDgrzx29I415sj83Pk1wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufYfohmA3MpgH4y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V6EuVBWCp8k1ZPSVCRcBPzE1
Frame ID: 84E2CFA2A8481D4AE0D082C7F649EE8B
Requests: 10 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=1754909309698679023&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1754909309698679023%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Frame ID: 0CFC43CE3ED2A0C761DD2F3BAA709E7D
Requests: 11 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2266fcc7da-bad5-4f11-91f4-c869224d2ddf%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257837237%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791744%22%2c%22adid%22%3a%2257837237%22%2c%22hash%22%3a%228972679532373123456%22%7d
Frame ID: 2772E986E56682BE32A82D197805BF6F
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57837237;rtbwp=OKUyPh807jSpmgUKHWyEtdCzZce2ZXAhmC4kkA;rtbdata=NNFYuMWAQnPtYeQBp6e04dSs5SUnb2g2AkyxuufZQ5Odtdw1azOZnBj85PPOzRRFVyT7TpbVGOI6SIahnz3ghiwtjqI06TEx9DrP2HGGHdFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZjZDel7w-fQoy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_aEuVBWCp8k1ZPSVCRcBPzE1
Frame ID: D238E04C4FCF03D1998A0E6FDF31A379
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22ce4af49e-0ad4-4e3f-8f96-0662149ff991%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257837237%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791744%22%2c%22adid%22%3a%2257837237%22%2c%22hash%22%3a%228972679532373123456%22%7d
Frame ID: 7BE4CD20A15CCD59AF379D02E93F6D28
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57837237;rtbwp=OlbxoM4ZynxiPucwEpyFw0J3LY6zy__IX4olQQ;rtbdata=3XPskYh16vZAUWZvSzSZLSx2mumz4b3pnxOBaxOs8ORSUNHAL37Y06Q-fy_RuKbl2l5BmovERcqYjHBVjaY4p6BKed6m-K1obc5MbjISijVwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaKYl9twExy74y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_YKLMr5O4ZVNZPSVCRcBPzE1
Frame ID: C5EF25BF5D73FBDD7092AAC85E3FEB52
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22d6b4cc05-ca2a-4d9b-809a-30b2f6e7ee22%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257894125%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257894125%22%2c%22hash%22%3a%22-2638847429860618896%22%7d
Frame ID: 5A4A5F64F8A5DDC192D29C32FC217918
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57894125;rtbwp=soOWlH_GRzEhG-lZ9sNIVtsf1mAa9AEH6gpAbg;rtbdata=kOehyWS82X-DhlkeCd3s0lcsotEki1H2s1GwlNU0x3zUjXYRxN4kjsaVYKlH7quXcD7RnWuKfmsDrig4-qo_N9l_KU8WH-XRSwmGgMrdL3twGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaxTtEYB4XzvIy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1
Frame ID: D41252D39AF625C9BDC9CEABAA3E3022
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F1B6C6B0229B9C1152BBD1DBF424E36
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9840DEE6B94DED748EBDA2C538260C1E
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41535200007297500951433012172026&actionid=981741&produktid=&dt_url=
Frame ID: C13CF5FCA71E213008B41EE4CFF11F4A
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
Frame ID: 756E7F3122DAF1E933212D565AC03BD9
Requests: 5 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
Frame ID: 7F934B2FE9929DF3C0E33A8CF9B1D8BF
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 32F13D93956450D8956E2881956488AE
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29815100008565000951433012172006&actionid=981741&produktid=&dt_url=
Frame ID: 2C126AA4AC30D6FED1F6FBC3E2772157
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
Frame ID: A0CE4C228D2DF795C3BE80E454CE63B0
Requests: 5 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Frame ID: 1A9C9952AA9DEA6834D6FC7F04F6E4B6
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=62272200006256900951433012172009&actionid=981741&produktid=&dt_url=
Frame ID: 1AA4052CB3953ECC0BBF32DD00689CB4
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
Frame ID: 1E8B288F6149C13F898E74C1E1CD9306
Requests: 5 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Frame ID: 5B6E4586C9BF9E927FF748DF7A169869
Requests: 9 HTTP requests in this frame

Frame: blob://https://sholke.com/c72c7803-0d45-4093-a063-61684222e8d0
Frame ID: 5BCCEB5B36BFDAAC84B6276AC39EF08F
Requests: 1 HTTP requests in this frame

Frame: https://x01.aidata.io/stats?pixel=VIBOOM&v=1670900664091&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=31be860044fa4dd8b3a2b93bc144f09b&__upin=dbLQMgBOPT9o3yyhTHDDVQ&id=53ffcc7e4bba25670a61925f212d9a9d&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Frame ID: FCF5D41DC594AA626A7A85B9D8FB111E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72C711D9E20B23B5F4CA8ABFD9343AC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8EECF57E2F4A21B81A26FCD8D636F15
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 33E676E466DEEC9B318266C35B7520AC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 11C6AF0B0DF183965406B74E24898075
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD3A04FF4FC5B10C7C3B654F07FB607B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9EC34B13418369665BCEDBFA3404AB6B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A2F735F55F82C12225ED88B0883DF1F4
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CF5F9A96297FB79D45DB2146A18FD5F8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 09C51219D7A35DEC0EB189902BEB972E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 71F150DB408D94FEB893AFCA6531775E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5BEFC7E5A313D7D3DCDCA5C9E7CE1AC2
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F4329EE85E2AD3B715C319781A885D76
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Дивитися культові Серіали та Мультсеріали українською мовою онлайн на сайті FRIENDS

Page URL History Show full URLs

  1. http://friends.in.ua/ HTTP 301
    https://friends.in.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

448
Requests

96 %
HTTPS

39 %
IPv6

44
Domains

67
Subdomains

58
IPs

9
Countries

6631 kB
Transfer

14630 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://friends.in.ua/ HTTP 301
    https://friends.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900663549 HTTP 302
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900663549&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
Request Chain 147
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9850.qXggePT6TwLnP06DmNlMakrpA2FG6CQQ-fupDVjuoQo7WEO4AI8S38qbLeb7rUn2.wsWfgACrgHfgjbhzNa4g8GzK_dg%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9850.Gp2DzH6myaY90aVyKKHMDSdUrkdo_eq8GK0-8jnFFzpiqpAmkKzv8GtAVI2aUh53HXopV_jMf63Z_b3Ygyk3OwDGeFZSBgaBaDloQ5lPiwY%2C.l0HFwvlD1UrIOXVkdr4BkAZTSwA%2C
Request Chain 205
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 207
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 210
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTkdNeE1HWTVPR010TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MTk1MTY4MzM4MTAyNDM3NDEvNjYyMjM5Ni80NTYyMzEyLzEzL1lBQURRaEd3S196ZHJOY09TMm1mdlNCMFRTQnhYazJkTTU0aVE2U1F4cTAvMS8xMy8wLzAvOTU2ODAzLzEzODg4MDY3MDEvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzc1MTk1MTY4MzM4MTAyNDM3NDEvenJoLzAvMzgvMTYvOTk5LzMyMi84Mi4xOTkuMTMwLjAvMC4wMDAvMTY3MDkwMDY2NC8xNjcwOTEzMjY0LzEzLzEwMjY0Lw/S2df2tkLiMra4f7312jsmL_POSE&nodeid=3747&group=zrh&auctionid=7519516833810243741&pbs_auctionid=7519516833810243741&shardkey=7519516833810243741&sid=4562312&cid=6622396&bp=a_accjea&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.132.98&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=7519516833810243741&node_id=3747&exch_id=13
Request Chain 217
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTkdNeE1HWTVPR010TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNjY1OTUzMjkyMDMzOTY4MjUvNjYyMjM5Ni80NTYyMzEyLzEzL1lBQURRaEd3S196ZHJOY09TMm1mdmU4a1hEM2M5aDNmRnoyTlNINUY0X3MvMS8xMy8wLzAvOTU2ODAzLzEzODg4MDY3MDEvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzYzNjY1OTUzMjkyMDMzOTY4MjUvenJoLzAvMzgvMTYvOTk5LzMyMi84Mi4xOTkuMTMwLjAvMC4wMDAvMTY3MDkwMDY2NC8xNjcwOTEzMjY0LzEzLzEwMjY0Lw/OSD4kdC552c4VDuf5ees4u4VS7U&nodeid=3747&group=zrh&auctionid=6366595329203396825&pbs_auctionid=6366595329203396825&shardkey=6366595329203396825&sid=4562312&cid=6622396&bp=a_accjea&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.69&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=6366595329203396825&node_id=3747&exch_id=13
Request Chain 222
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 224
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 226
  • https://mc.yandex.com/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1024263789046%3Ahid%3A238911461%3Az%3A0%3Ai%3A20221213030424%3Aet%3A1670900664%3Ac%3A1%3Arn%3A896622137%3Arqn%3A1%3Au%3A1670900664880591006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C117%2C566%2C56%2C148%2C0%2C%2C669%2C14%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1670900661486%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670900665%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1024263789046%3Ahid%3A238911461%3Az%3A0%3Ai%3A20221213030424%3Aet%3A1670900664%3Ac%3A1%3Arn%3A896622137%3Arqn%3A1%3Au%3A1670900664880591006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C117%2C566%2C56%2C148%2C0%2C%2C669%2C14%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1670900661486%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670900665%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 228
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 239
  • https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=5908056464903&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=5908056464903&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 246
  • https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=6099865048724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=6099865048724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 256
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9850.IBXKeyAqLaekDh6g_nRKptFIO9o4Mmep7wkG48F6FIbLr_wJRxxbJ5tK9S7BU8mU.2r4od9XfU9faYQ89UDuI3phRaq0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9850.DnApnOwPwgoszESo4KyneY1zt2cGGKXDZNf2TnAJKvMqxotUnzqvzKY-7PwbKah547_IhNSs1GvA5eN6th9YaT5aTQfJeF6rR4UBgfBbVao%2C.Rzr_h2yRN4nZR2edJiJYMyCEJxs%2C
Request Chain 281
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=41535200007297500951433012172026&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41535200007297500951433012172026&actionid=981741&produktid=&dt_url=
Request Chain 282
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=41535200007297500951433012172026&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
Request Chain 285
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=41535200007297500951433012172026 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=41535200007297500951433012172026 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 288
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29815100008565000951433012172006&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29815100008565000951433012172006&actionid=981741&produktid=&dt_url=
Request Chain 289
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=29815100008565000951433012172006&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
Request Chain 292
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29815100008565000951433012172006 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29815100008565000951433012172006 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 296
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=62272200006256900951433012172009&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=62272200006256900951433012172009&actionid=981741&produktid=&dt_url=
Request Chain 297
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=62272200006256900951433012172009&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
Request Chain 300
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=62272200006256900951433012172009 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=62272200006256900951433012172009 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 379
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Request Chain 419
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=pdcJjnxqZnpSNkl2bUZZQTBvNXlaN1ZMTzU5bFRIVzNMYTRDbUdGVkJNWmVhRmMvNDlCS0hRVE93aFFkYmRqR0IwN1JrZDllcTE1WWtIc3p3ZVcxcXVVOGxJcWhTVnpmZktYRmUzQ1lmUDR0Vlp3aSs1TUkyZUUzMlE4dFd4UEprb0dCTXBRdVZzNVh5Q2dHNGw4bVQ1amZsNUdwSnV5cnZpYm1CdTZ3RkdnS3NmU3Bkb3RpajgwYjFCWE9WdHdXRi9jZVJ6V2dLQmYwVjdvcjdleVNYR0R0UER6RjJVSnp3ekVWeWNQMnduZjdoc0RRWjVLVlN4aG5xTXFDcjlhTG9EeFZSNkMwaVZ3QnVRUWJqZjd0dkM5R21jdz09fA&cppv=2

448 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
friends.in.ua/
Redirect Chain
  • http://friends.in.ua/
  • https://friends.in.ua/
35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.40
Resource Hash
a5f1639083a2141204337b90f6465349a71631b133251c3eae888c9ca63da1b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 03:04:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.16.1
strict-transport-security
max-age=31536000;
x-powered-by
PHP/5.6.40

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:21 GMT
Location
https://friends.in.ua:443/
Server
nginx/1.16.1
Transfer-Encoding
chunked
actualize.js
kodir2.github.io/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kodir2.github.io/actualize.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
0bb75f6e07ec4d6d4e3ae2039822690b7d71e52c0208b63e5f34529d975db744
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id
7716106e14a58f959bc5f6364aaecce020f3a900
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 03:04:22 GMT
age
220
x-cache
HIT
x-cache-hits
3
x-proxy-cache
MISS
content-length
1531
x-served-by
cache-lcy-eglc8600024-LCY
last-modified
Thu, 13 Oct 2022 10:51:59 GMT
server
GitHub.com
x-github-request-id
7418:1625:9B773B:D91520:638819B7
x-timer
S1670900663.683842,VS0,VE2
etag
W/"6347edcf-c36"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 01 Dec 2022 03:14:23 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-60815340-5
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3049db46fa07d4ee444c862e4efad3775e181f8691ebca3a2942a9c6b4cc2606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43651
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Dec 2022 03:04:22 GMT
index.php
friends.in.ua/engine/classes/min/ 		205 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/engine/classes/min/index.php?charset=utf-8&g=general&21
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.40
Resource Hash
4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:31:36 GMT
server
nginx/1.16.1
x-powered-by
PHP/5.6.40
etag
"pub1497792696;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
content-length
62137
expires
Wed, 13 Dec 2023 03:04:22 GMT
grid.css
friends.in.ua/templates/StopFilm/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/grid.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 11 Mar 2019 19:53:00 GMT
server
nginx/1.16.1
etag
"5c86bc9c-4559"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
17753
expires
Fri, 23 Dec 2022 03:04:22 GMT
style.css
friends.in.ua/templates/StopFilm/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 08 Jul 2019 13:20:42 GMT
server
nginx/1.16.1
etag
"5d23432a-2a87"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
10887
expires
Fri, 23 Dec 2022 03:04:22 GMT
engine.css
friends.in.ua/templates/StopFilm/css/ 		59 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/engine.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:12 GMT
server
nginx/1.16.1
etag
"594681cc-eab1"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
60081
expires
Fri, 23 Dec 2022 03:04:22 GMT
style.css
friends.in.ua/templates/StopFilm/stylesheets/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/stylesheets/style.css?v=1.0.5
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 20 Nov 2019 22:48:43 GMT
server
nginx/1.16.1
etag
"5dd5c2cb-7af4"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
31476
expires
Fri, 23 Dec 2022 03:04:22 GMT
font-awesome.css
friends.in.ua/templates/StopFilm/css/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 02 Jun 2019 00:17:35 GMT
server
nginx/1.16.1
etag
"5cf3159f-6cff"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
27903
expires
Fri, 23 Dec 2022 03:04:22 GMT
responsive.css
friends.in.ua/templates/StopFilm/css/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/responsive.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 20:34:47 GMT
server
nginx/1.16.1
etag
"5cddc967-1d2d"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
7469
expires
Fri, 23 Dec 2022 03:04:22 GMT
pushy.css
friends.in.ua/templates/StopFilm/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/pushy.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:12 GMT
server
nginx/1.16.1
etag
"594681cc-f08"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
3848
expires
Fri, 23 Dec 2022 03:04:22 GMT
buttons.css
friends.in.ua/templates/StopFilm/css/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/buttons.css?v=1.0.2
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 21 Apr 2018 21:44:52 GMT
server
nginx/1.16.1
etag
"5adbb0d4-4994"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
18836
expires
Fri, 23 Dec 2022 03:04:22 GMT
slick.css
friends.in.ua/templates/StopFilm/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/slick.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 08 Mar 2019 22:46:03 GMT
server
nginx/1.16.1
etag
"5c82f0ab-6f0"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
1776
expires
Fri, 23 Dec 2022 03:04:22 GMT
slick-theme.css
friends.in.ua/templates/StopFilm/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/slick-theme.css?v=1.0.7
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 08 Mar 2019 22:46:03 GMT
server
nginx/1.16.1
etag
"5c82f0ab-617"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
1559
expires
Fri, 23 Dec 2022 03:04:22 GMT
new_header.css
friends.in.ua/templates/StopFilm/css/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/new_header.css?v=1.0.1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 03 Nov 2020 15:31:45 GMT
server
nginx/1.16.1
etag
"5fa177e1-23c1"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
9153
expires
Fri, 23 Dec 2022 03:04:22 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 03:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 03:04:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 03:04:22 GMT
scripts.js
friends.in.ua/templates/StopFilm/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/scripts.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-8e69"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
36457
expires
Fri, 23 Dec 2022 03:04:22 GMT
modernizr.js
friends.in.ua/templates/StopFilm/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/modernizr.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-2663"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
9827
expires
Fri, 23 Dec 2022 03:04:22 GMT
ads.js
friends.in.ua/templates/StopFilm/js/ 		17 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/ads.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Apr 2018 22:38:13 GMT
server
nginx/1.16.1
etag
"5acd3cd5-11"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
17
expires
Fri, 23 Dec 2022 03:04:22 GMT
libs.js
friends.in.ua/templates/StopFilm/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/libs.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 18:04:24 GMT
server
nginx/1.16.1
etag
"5cdda628-b99"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2969
expires
Fri, 23 Dec 2022 03:04:22 GMT
share42.js
friends.in.ua/photos/share/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/photos/share/share42.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 28 Jul 2018 11:46:07 GMT
server
nginx/1.16.1
etag
"5b5c577f-b4c"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2892
expires
Fri, 23 Dec 2022 03:04:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 12:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 12:28:23 GMT
slick.min.js
friends.in.ua/templates/StopFilm/js/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/slick.min.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 22 Dec 2018 17:00:11 GMT
server
nginx/1.16.1
etag
"5c1e6d9b-a76f"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
42863
expires
Fri, 23 Dec 2022 03:04:22 GMT
header.js
friends.in.ua/templates/StopFilm/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/header.js?v=1.0.2
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 09 Aug 2019 17:29:30 GMT
server
nginx/1.16.1
etag
"5d4dad7a-7f5"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2037
expires
Fri, 23 Dec 2022 03:04:22 GMT
video_switches.js
friends.in.ua/templates/StopFilm/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/video_switches.js?v=1.0.6
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 18 Apr 2019 23:47:53 GMT
server
nginx/1.16.1
etag
"5cb90ca9-4b3"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
1203
expires
Fri, 23 Dec 2022 03:04:22 GMT
jquery.video.js
friends.in.ua/js/ 		925 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/js/jquery.video.js?v=2.0.7
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Apr 2018 22:42:44 GMT
server
nginx/1.16.1
etag
"5acd3de4-39d"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
925
expires
Fri, 23 Dec 2022 03:04:22 GMT
logo1.png
friends.in.ua/templates/StopFilm/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/templates/StopFilm/images/logo1.png
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 07 Jul 2019 14:02:55 GMT
server
nginx/1.16.1
etag
"5d21fb8f-299c"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
10652
expires
Fri, 23 Dec 2022 03:04:22 GMT
serial-druzi.jpg
friends.in.ua/photos/films/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/films/serial-druzi.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 15 Apr 2019 22:33:58 GMT
server
nginx/1.16.1
etag
"5cb506d6-13533"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
79155
expires
Fri, 23 Dec 2022 03:04:22 GMT
charmed.jpg
friends.in.ua/posters/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/charmed.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 18 May 2019 16:00:51 GMT
server
nginx/1.16.1
etag
"5ce02c33-69d1"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
27089
expires
Fri, 23 Dec 2022 03:04:22 GMT
domogospodarky.jpg
friends.in.ua/posters/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/domogospodarky.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 21:40:32 GMT
server
nginx/1.16.1
etag
"5cddd8d0-70da"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
28890
expires
Fri, 23 Dec 2022 03:04:22 GMT
pokoyivky.jpg
friends.in.ua/photos/pokoyivky/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/pokoyivky/pokoyivky.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 09 Feb 2022 09:50:32 GMT
server
nginx/1.16.1
etag
"62038e68-23273"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
143987
expires
Fri, 23 Dec 2022 03:04:22 GMT
seks-i-misto.jpg
friends.in.ua/posters/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/seks-i-misto.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 13 Jun 2019 20:59:48 GMT
server
nginx/1.16.1
etag
"5d02b944-c438"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
50232
expires
Fri, 23 Dec 2022 03:04:22 GMT
roksolana.jpg
friends.in.ua/posters/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/roksolana.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 07 Aug 2019 11:23:02 GMT
server
nginx/1.16.1
etag
"5d4ab496-1019b"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
65947
expires
Fri, 23 Dec 2022 03:04:22 GMT
ErkenciKus.jpg
friends.in.ua/photos/ErkenciKus/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/ErkenciKus/ErkenciKus.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 29 Jan 2022 20:59:25 GMT
server
nginx/1.16.1
etag
"61f5aaad-e276"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
57974
expires
Fri, 23 Dec 2022 03:04:22 GMT
IstanbulluGelin.jpg
friends.in.ua/photos/IstanbulluGelin/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/IstanbulluGelin/IstanbulluGelin.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 26 Nov 2021 09:34:08 GMT
server
nginx/1.16.1
etag
"61a0aa10-dd71"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
56689
expires
Fri, 23 Dec 2022 03:04:22 GMT
vandavizhen.jpg
friends.in.ua/posters/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/vandavizhen.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 27 Feb 2021 13:15:04 GMT
server
nginx/1.16.1
etag
"603a45d8-149c4"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
84420
expires
Fri, 23 Dec 2022 03:04:22 GMT
mandalorec.jpg
friends.in.ua/posters/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/mandalorec.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 06 Nov 2020 19:17:18 GMT
server
nginx/1.16.1
etag
"5fa5a13e-11ca9"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
72873
expires
Fri, 23 Dec 2022 03:04:22 GMT
office.jpg
friends.in.ua/posters/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/office.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 22 Jun 2020 13:53:11 GMT
server
nginx/1.16.1
etag
"5ef0b7c7-fe2a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
65066
expires
Fri, 23 Dec 2022 03:04:22 GMT
la-casa-de-papel.jpg
friends.in.ua/posters/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/la-casa-de-papel.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 06 Sep 2021 19:29:55 GMT
server
nginx/1.16.1
etag
"61366c33-14e6a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
85610
expires
Fri, 23 Dec 2022 03:04:22 GMT
vidmak.jpg
friends.in.ua/posters/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/vidmak.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 27 Dec 2019 02:18:08 GMT
server
nginx/1.16.1
etag
"5e0569e0-10e4a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
69194
expires
Fri, 23 Dec 2022 03:04:22 GMT
baffi.jpg
friends.in.ua/posters/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/baffi.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 09 Mar 2020 14:44:01 GMT
server
nginx/1.16.1
etag
"5e665631-f28f"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
62095
expires
Fri, 23 Dec 2022 03:04:22 GMT
big-bang.jpg
friends.in.ua/posters/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/big-bang.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 23 Jul 2019 15:21:03 GMT
server
nginx/1.16.1
etag
"5d3725df-11543"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
70979
expires
Fri, 23 Dec 2022 03:04:22 GMT
sheldon.jpg
friends.in.ua/posters/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/sheldon.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 06 Aug 2019 14:10:15 GMT
server
nginx/1.16.1
etag
"5d498a47-b347"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
45895
expires
Fri, 23 Dec 2022 03:04:22 GMT
novobranec.jpg
friends.in.ua/posters/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/novobranec.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 20 Nov 2019 20:16:55 GMT
server
nginx/1.16.1
etag
"5dd59f37-bc29"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
48169
expires
Fri, 23 Dec 2022 03:04:22 GMT
met-mother.jpg
friends.in.ua/posters/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/met-mother.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 06 Aug 2019 19:03:02 GMT
server
nginx/1.16.1
etag
"5d49cee6-e08a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
57482
expires
Fri, 23 Dec 2022 03:04:22 GMT
alf.jpg
friends.in.ua/posters/alf/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/alf/alf.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 16 Sep 2019 21:48:34 GMT
server
nginx/1.16.1
etag
"5d800332-e9cb"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
59851
expires
Fri, 23 Dec 2022 03:04:22 GMT
joey.jpg
friends.in.ua/posters/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/joey.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 11 Aug 2019 15:35:16 GMT
server
nginx/1.16.1
etag
"5d5035b4-bb7c"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
47996
expires
Fri, 23 Dec 2022 03:04:22 GMT
ncis.jpg
friends.in.ua/posters/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/ncis.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 14 Aug 2019 22:12:20 GMT
server
nginx/1.16.1
etag
"5d548744-10fae"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
69550
expires
Fri, 23 Dec 2022 03:04:22 GMT
dyvni-dyva.jpg
friends.in.ua/posters/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/dyvni-dyva.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 06 Jul 2019 22:49:34 GMT
server
nginx/1.16.1
etag
"5d21257e-d53b"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
54587
expires
Fri, 23 Dec 2022 03:04:22 GMT
doktor-haus.jpg
friends.in.ua/posters/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/doktor-haus.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 17 Jun 2019 15:06:56 GMT
server
nginx/1.16.1
etag
"5d07ac90-d009"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
53257
expires
Fri, 23 Dec 2022 03:04:22 GMT
rozcharuvannya.jpg
friends.in.ua/posters/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/rozcharuvannya.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 21:43:08 GMT
server
nginx/1.16.1
etag
"5cddd96c-a50d"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
42253
expires
Fri, 23 Dec 2022 03:04:22 GMT
policiya-paradayz.jpg
friends.in.ua/posters/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/policiya-paradayz.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 19 May 2019 19:05:17 GMT
server
nginx/1.16.1
etag
"5ce1a8ed-8991"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
35217
expires
Fri, 23 Dec 2022 03:04:22 GMT
jquery.cookie.js
friends.in.ua/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/js/jquery.cookie.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 11 Aug 2017 11:22:09 GMT
server
nginx/1.16.1
etag
"598d9361-c31"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
3121
expires
Fri, 23 Dec 2022 03:04:22 GMT
share.js
friends.in.ua/templates/StopFilm/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/share.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-c98"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
3224
expires
Fri, 23 Dec 2022 03:04:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29e481af69eb714fb2745f0722c3d5ac2b27afd98eceef57fa58fa623f9700c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49394
x-xss-protection
0
server
cafe
etag
282091001129353408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 03:04:22 GMT
pushy.min.js
friends.in.ua/templates/StopFilm/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/pushy.min.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-7d2"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2002
expires
Fri, 23 Dec 2022 03:04:22 GMT
lib.js
franecki.net/js/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/js/lib.js?no_dmp=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript
Connection
close
Expires
0
lib.js
franecki.net/js/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/js/lib.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
5301276dbca72c00ff6748a3afa4878181bc89eb738ff88720663d53fc59fbf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript
Connection
close
Expires
0
thesimpsons.jpg
friends.in.ua/templates/StopFilm/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/templates/StopFilm/images/thesimpsons.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:22 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 21 Jun 2017 10:09:06 GMT
server
nginx/1.16.1
etag
"594a45c2-78aa"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
30890
expires
Fri, 23 Dec 2022 03:04:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 01:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6516
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 13 Dec 2022 03:15:46 GMT
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c325dbae60172806a015082cd51d4b1479b2c735e39e8b480aeeda0a73725e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 03:04:22 GMT
content-md5
oS5294YBMJrPB8PCclq2Sg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
RKswBuA9urDr7NgLc+B5cFeAUb0jGctCDgFVgUre7HlZ0NH9iYANyu/avYeWt4Bbtk4UXOTodji8d6l1LY/Gow==
x-fb-trip-id
917726464
x-fb-content-md5
5183909f3f103e5f5f7e373c5c1d8936
cross-origin-opener-policy
same-origin-allow-popups
etag
"c805606e0200411d5f120c876f476263"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 13 Dec 2022 03:21:05 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2
fonts.gstatic.com/s/oswald/v49/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:05:23 GMT
x-content-type-options
nosniff
age
212339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5856
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:16:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 16:05:23 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 21:17:51 GMT
x-content-type-options
nosniff
age
20791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10172
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 21:17:51 GMT
ping
test.takedwn.ws/ 		0
0
player
stats.myangular.life/ 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.myangular.life/player?hit=script&sub=actualize&host=friends.in.ua
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.109.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.109.76.144.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:22 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 0004 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
12490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 23:36:13 GMT
etag
10353107486223812946
expires
Mon, 26 Dec 2022 23:36:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0cebdb31bcc8cbf9d7da8a95e22b5982.js
franecki.net/assets/pack/ 		0
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/assets/pack/0cebdb31bcc8cbf9d7da8a95e22b5982.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains; preload
Content-Encoding
gzip
x-render-time
3.78
Server
openresty
Transfer-Encoding
chunked
x-adwsegments
{"r:100842:iprange:1":1}
access-control-allow-credentials
true
Connection
close
Access-Control-Allow-Headers
*
b884872a195939d21d07f1384cc7928d.js
franecki.net/assets/pack/ 		0
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/assets/pack/b884872a195939d21d07f1384cc7928d.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains; preload
Content-Encoding
gzip
x-render-time
5.8
Server
openresty
Transfer-Encoding
chunked
x-adwsegments
{"r:100842:iprange:1":1}
access-control-allow-credentials
true
Connection
close
Access-Control-Allow-Headers
*
67b798e50a15eca78568eeb621e83c3f.js
franecki.net/assets/pack/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/assets/pack/67b798e50a15eca78568eeb621e83c3f.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains; preload
Content-Encoding
gzip
x-render-time
22.1
Transfer-Encoding
chunked
x-adwsegments
{"r:100842:iprange:1":1}
Connection
close
x-sspt
13
Pragma
no-cache
Server
openresty
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
Access-Control-Allow-Headers
*
x-cid
33246
Expires
Mon, 04 Dec 1999 21:29:02 GMT
sdk.js
connect.facebook.net/ru_RU/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=21d6070c59893bc956d5955e6086e531
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
196f6aaf899900b6f188851c715fe7c4973af8fde8da73b1aaaf2c223fd3b144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://friends.in.ua/
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 03:04:23 GMT
content-md5
7H1ovbUc3h19o7mlynIgHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88683
x-fb-rlafr
0
x-fb-debug
TSZPw4yzUgX6srqIX1v217MTvV9CmsUKcdw1esG84TKx1VXcu8YsdIfpiSHOgUDA997m1/EqlGmibv5aO0TKOQ==
x-fb-content-md5
9b32de68bef8e9d58d1d8161df6c3715
cross-origin-opener-policy
same-origin-allow-popups
etag
"62735deedb6afe278bb62dc22b779489"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Dec 2023 01:09:09 GMT
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=542884158&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=579072286&gjid=1873684442&cid=845992931.1670900663&tid=UA-60815340-5&_gid=224874732.1670900663&_r=1&_slc=1&z=305764429
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=542884158&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1453437258&gjid=792894930&cid=845992931.1670900663&tid=UA-60815340-5&_gid=224874732.1670900663&_r=1&gtm=2oubu0&z=1489116873
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua&bust=31071277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c3ef0d487495cdc55f766d8fc6fa80411aca75d28b30c0b9884b139e698f604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119732
x-xss-protection
0
server
cafe
etag
8457597516344954602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 03:04:23 GMT
/
aurabom.ru/player/ 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aurabom.ru/player/
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.155.126 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde377-1.fornex.org
Software
nginx /
Resource Hash
044d04a11d05e6208ce67b4e43880fa4e63dccf08256db539fd3f120cb711f1b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"1f73f-fwaicZvqE8WS+wzcyhH5iQ"
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Hostname
dsde382.rotator.viboom.com
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
humanitarian-five.js
franecki.net/js/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/js/humanitarian-five.js?no_dmp=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Oct 2022 10:49:31 GMT
Server
openresty
ETag
W/"63396cbb-ad30"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
close
test-ad.php
friends.in.ua/ 		4 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/test-ad.php?adsize=981&adnet=120x600&adspace=adslot
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.40
Resource Hash
5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
*/*
Referer
https://friends.in.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000;
server
nginx/1.16.1
x-powered-by
PHP/5.6.40
content-type
text/html; charset=UTF-8
fontawesome-webfont.woff
friends.in.ua/templates/StopFilm/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"ffac-5523c1a1a4d40"
content-type
application/font-woff
accept-ranges
bytes
content-length
65452
adv.png
friends.in.ua/ 		544 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/adv.png?adsize=981&adnet=120x600&adspace=adslot
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Apr 2018 22:08:58 GMT
server
nginx/1.16.1
etag
"5acd35fa-220"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
544
expires
Fri, 23 Dec 2022 03:04:23 GMT
azure_rus.gif
www.megastock.ru/doc/88x31_user/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megastock.ru/doc/88x31_user/azure_rus.gif
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.227.52.186 , Russian Federation, ASN56806 (ASCOM4S, RU),
Reverse DNS
Software
openresty / ASP.NET
Resource Hash
1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Last-Modified
Thu, 07 Nov 2013 09:45:35 GMT
Server
openresty
ETag
"1d4ce71b9edbce1:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2183
t.js
sholke.com/ Frame 0540 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
_w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding
br
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
date
Tue, 13 Dec 2022 01:01:10 GMT
last-modified
Fri, 11 Nov 2022 10:14:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
7399
etag
W/"57c945f3c1feba973398debac47b1341"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XwlubQi0qSl-UUdQpR42KL3ulLZsUTab6_W26Bel3gpYG-zHrbUK1A==
cookie.js
partner.googleadservices.com/gampad/ 		393 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=friends.in.ua&callback=_gfp_s_&client=ca-pub-1034840951493578&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua&bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7753bef19914cd36a470ceb59a967d99f19155b34505f8c50f0720d760dfdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua&bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua&bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E37D 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1670900663&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670900663034&bpp=3&bdt=716&idt=189&shv=r20221207&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2670508497009&frm=20&pv=2&ga_vid=845992931.1670900663&ga_sid=1670900663&ga_hid=542884158&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071277%2C44780792&oid=2&pvsid=3278526591422257&tmod=725266722&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua&bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 03:04:23 GMT
expires
Tue, 13 Dec 2022 03:04:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
t6vjtkugvap61lmhzkwwc.json
sholke.com/c/ Frame 0540 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sholke.com/c/t6vjtkugvap61lmhzkwwc.json
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b297024f28bf7c02f796c5c55280dd53fd0047fa2e52c9d8c315c6128edb295

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 06:20:37 GMT
x-amz-version-id
pVkEGPVSKVwkyogRewqUk3pqmAvdsx25
via
1.1 05ec74146f636de45e985d09f62976dc.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 10:46:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
74626
etag
"9a54f2d2288abe8c26895e080138964a"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
content-length
1358
x-amz-cf-id
YdXiTKjr2seM3x1lbiALaRrBOKVFS-aZeqEnwrB0gz6n6VCldS-taQ==
watch.js
mc.yandex.ru/metrika/ 		162 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f5cecd59e22ff2b722cedfe2f33d92d2504a97cdf33d4f24b8dbc735eb575558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 09 Dec 2022 16:09:11 GMT
etag
"63933377-e2ff"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58111
expires
Tue, 13 Dec 2022 04:04:23 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d2985e23dad970ecde6f0fd0990898d71bb366e57c8e00c7a61e786b8d1af98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43670
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Dec 2022 03:04:23 GMT
video.css
aurabom.ru/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aurabom.ru/video.css
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.155.126 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde377-1.fornex.org
Software
nginx /
Resource Hash
892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"688f-KJGOmg0i5xsU4jAsDLZ+fw"
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Hostname
dsde382.rotator.viboom.com
Content-Type
text/css; charset=utf-8
Connection
keep-alive
pixel.js
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900663549
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900663549&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900663549&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
752a46e373416e8e116514a5f6f2ddda6a20281376e27352095f6bb4137109bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 03:04:22 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Dec 2022 03:04:22 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
last-modified
Tue, 13 Dec 2022 03:04:22 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900663549&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Tue, 13 Dec 2022 03:04:22 GMT
/
aurabom.ru/video/get/ 		202 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aurabom.ru/video/get/?platformId=101909&format=3&overrollType=embeded&sig=31aeb6078a58f6d2&data=%7B%22shown%22%3A%5B%5D%2C%22errors%22%3A%5B%5D%2C%22dimentions%22%3A%7B%7D%2C%22referer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22origReferer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22location%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22n%22%3A0%2C%22lang%22%3A%22en-US%22%2C%22title%22%3A%22%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS%22%7D&vbmuid=53ffcc7e4bba25670a61925f212d9a9d
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.155.126 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde377-1.fornex.org
Software
nginx /
Resource Hash
8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:23 GMT
Server
nginx
ETag
W/"ca-2ZN5lu9UKj1bfipcdO3KEw"
Rotator-message
video: no campaignAccess, code: -11, msg: undefined, format: 3, platformId: 101909, rtrCampaignId: false
X-Hostname
dsde382.rotator.viboom.com
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
202
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5BA3 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1420 / 863 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 03:04:23 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 5BA3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pztjMkrKzhnfUiN1FE%2BwJHU6cHn1CVAOQ3y72Ee8J0aBmgs216LPmXnL2saF%2BRnjoas%2FEABpjSmQzScOc7VDC6W5aSANLMO8QMdWDRqQubB%2FWQI82z2Telf8i2x27%2FwM1EypTnxTYBtHJ%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dc9980888f-LHR
p.html
sholke.com/r/ Frame E345 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=knmkvkwmj&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
XOijgz6cdTvPTgkUabApHFnCCpMOFrUKfF5XLo67SZMgm-M4ATaDLg==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 12B0 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=itnvaapo&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
qXUTtG6iyw0paICLXGfkK16L9ArTSIFNXTrS6pU62LgVwReEZJCgLQ==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 0AB3 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=hfrveoza&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
BXTtTIavki0UnYhNYhFbWbFLidj2e7rR1cOl7-QK9YRqHFzaOXG-EQ==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 4927 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
WRmZVR-WOdMYmAjhIhkJjQqyehzJd55c4OV593kIDaVc1dor0ebNcg==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 9527 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
XrZFWE05rzdVFaRmp3YUojW-MoU3Ab3_FlgpXNciS4PRWnh4uXXIKQ==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 55AF 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=kmjolxcm&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
l1rQdJjGCD1qxONqK6OPVs0bP_lGTscehVziwzfY12E5jniR7inpNw==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame D59B 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=ocmjq&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
GLYsboqeLFSsTdISIGxLheno5ahxNL072L1yJEyWdztZaYpkc9olJA==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 6130 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=cddnzhbvb&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
snKocF6KAuqOR_BK1RlzQFgMADGze8f55w0ZT_vOpPZQxzRw1_lGeQ==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame D8F5 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=skiweek&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
XUMtoDjdg1BUA_B8avkSyHa_ESkXNXLEvHP7SvZ_SSasffZTO0DP5A==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 483C 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=dgrhxzjqm&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
fudeHUxvviyEQS4jxjWtQXBfa6wtMwsmLXtedOt8ZD8DQ-H1DVnvcA==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame B38B 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=ikbysaw&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
38brI01f565WmFUdHo67_VNcAMiypv1xmiEN8_OMUv_ynxbVYFxP0w==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame A8F9 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=yqohrxgm&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
jgGjMfNf1JLvRMAWJBZdMmIzhGvchiJFplHGkcABxwfLNr9RBBiCEg==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame D4F3 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=plxhds&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
MnYRzXxHMHIMqie71HLkrSMus2bVVNWXrpbCM1y5WqTV2AyL0vh_bQ==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 360C 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=ammlwb&e=1524064857105
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=6652701670900663197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-82.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
7
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 03:04:23 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 362b298821815168614ba932732916ea.cloudfront.net (CloudFront)
x-amz-cf-id
g-H08RA1yERnYHtxbcDs1a0-9KxSRE8E0BaLscdZMSnHVSwVomZ9oA==
x-amz-cf-pop
AMS1-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
b
mxtads.com/6238012052/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mxtads.com/6238012052/b
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.196.39.165 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9f98178c172ee2c1b0a3f4c38d2b1e2bd51ea772fcdaf16c23bf5556183fd030

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
private
Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 03:04:24 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=0
Connection
close
Expires
Tue, 13 Dec 2022 03:04:24 GMT
prebid7.19.0.js
hb.adpone.com/ Frame E345 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=knmkvkwmj&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OruY8ocQbMczuvwHNcWmeR70opYcoU0hqvoqBII3VhmpEDZRFyf4VDyV3%2B5hitkDd30T2POG1qrCaK12KeqJv5nfK2Gx1%2FeFLC%2B%2Beq4jc21UQc2xomVfQq6DrJjrhdu%2Fah6MeEHgZN5hAuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dd5a50888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 12B0 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=itnvaapo&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JmQrbSWm19gwICkucYWTHpAsgEFMz2hgAeIHrLvVn1DrNaulqUpz2ryfCD0CO3N7v8f0yt7XNz6NyiBJaRbNbCJ43uR1%2F%2BRiiKZ5Sl7cmlmqxPH7dS5CVMHFBd7LtVfmi5%2FvYVIkunOjDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dd6a60888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 0AB3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=hfrveoza&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EANAvx0UAwt%2FKBf85bzry8RESDb8Zt9xNAYFXHm7p8TKAybFb3ftlTDtPJKrWHXktrMOkhDmC6R5Fk8Z5bBuqfDWoJcFexVtDCHEh7MHJ15VYJ7cLRp1DYbR3G0ihnSRGDXtf79QA8YMtJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dd7a6a888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 4927 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvFNDQS%2FRPpUyLFLQPg3xNLNrs2gAVcVVF26T50GXZ0bph%2BnreMDFRycuXGE458zjYhRyLV2RzSgRJKYq040PObv%2BRZB1j%2FQSW7vRwP8iQrOEnFCCOq1dtH4RKuOZ4gd11kUTHHGhyX90UA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dd8a72888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 9527 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkmOM986u3dx3czmM8CRV1N7aKP%2FWLr4%2BI3KLMnNZiYp%2BYsCwh%2FF8H%2B1X0Dm1MTV6nq5WDCt3mZEkz6iK3eDnozeYxaNyDdtOF%2B2r5dejDQZcv66l174wjZppPf%2BRw28er0cC3lCDNhANxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dd9a7c888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 55AF 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=kmjolxcm&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0unOaUjNB6EWYqzaI0yAu966Qn6Lrk4OXxVU8aQksq%2B9009QlRni67uRVLv1ZKsuBx%2BRDwETIv5JQs9diDXWutTSbrnQOOuPHalnzheTo4rLzZjURRsjTEpIa%2FzFPmA9txkPtlKYo30ByU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78ddaa86888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame D59B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ocmjq&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5WG6IO8OVGZklGxb4md535NIfhClvLVAzB9sRNtSZ%2Fxp5cCPuNdMFIRlzxvj2MjNNpwW11vqNfMjrA%2BXLZKWxX%2BMeN2fOSN4Z5b0r9usR4TobuVH7V2vJFtX2RhEC4HCsK6ZDlswKbPX9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78ddba95888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 6130 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cddnzhbvb&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBL7FwFWwhAqdO7%2F2Mg4PtL8NpF6saQvitiqwVMiNKElFWRg9moEA3ZauY%2BLYi6FLEciQOXHYEU%2B2RefBay4grRkfmjP6SjADtBU2%2B2BnyhUpLN3CsaMqudZylko0oZnEjREMriinla8xyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78ddca9d888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame D8F5 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=skiweek&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWECAXSuxZPej4tLMrKo2QMYtZOEb0N38%2FVY7QfMDH0fxCblhp%2BMFbHuyakS8QenxKoSu%2BSh8anWfg5as1D%2BCMg6mHlfWFR54gg00kXL2OzeNECOqfZVO21hc1gwt2Xy1nzijd6elyFAkIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dddaa2888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 483C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=dgrhxzjqm&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCcoKQeKrpYdU0Zz%2Fn7M3wfZeoeYmr2k5C3I%2FQLTGC9Kf0cU7jOBwgORx3Sd4i6lXcSHc%2FPuV0%2BtvdWLk8GeMvcuAQadUcHg7Fs3lqUAMZjUGZeWD0V3kB3cJcfQhZq4Ms0QscKGLHH%2FY3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78dddaa7888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame B38B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ikbysaw&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKRie6ViFc12PoMdRbByCBEMgSK3FCQ9ZEyMdr8wx4VPYutcSc5Fm1PbyO%2FpaA6L6yiwG%2F7DkTiJ3Hcy%2BKlWFNLWezOI8cQb%2B85DAE9JTA6K4X8Sz5wd3OrQ4qTXMDo3QpBoJmXFArtyGuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78ddeaaf888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame A8F9 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=yqohrxgm&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7000
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82A9U7YsZPvmpTytTfMFcUIxkySxOscx4Bev3JcVKGTmXG8xrqac1qgTKdliQwhWWokdO%2FnxmB4w9VywOwWk6476Ttr8%2B74ehdoQbHsnpRQyPJn1wpf9HiG8VconbFquDSIZ%2F7dhIhNRrx8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78ddfab0888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame D4F3 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=plxhds&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7001
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MRGTHwnj%2BVhMcKbB32nD7q72XeGJi66l4SKKAWyltVAeZgxWgMYYHBuynmb%2BVTkROq0AVQEeLy8cRvA%2BOKvedQLrqCEKxHllwmW%2BLsO9MIlfA%2BXBFMQrbwyiE7LK3pLP21f7QuD8Y%2B5%2Fj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78ddfaba888f-LHR
prebid7.19.0.js
hb.adpone.com/ Frame 360C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ammlwb&e=1524064857105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
50AKJCXZM2F502Y7
age
7001
x-amz-id-2
euwdJa3DlY8eRX9Q6EF+KI+xyX5blVJtrYbsz2Uz7/W+O0ZV7kuQuvgS0aTPY5Ra8xs1/4D25gM=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbcyylB8jNhQCubpNoVLCuHGEySeDnh%2F47hfGQY68qoJUVbUP%2F1kvv9NBGL3YomCq0X3ZSxRgLfXr9CFY%2B7o9JMCwLUNOBcb6EzozEDydMGn17SG1i51uLR%2Fza5fZr5FlKNJ30%2B2gZu%2BQAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778b78de0ac0888f-LHR
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ Frame 5BA3 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 13:29:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Dec 2023 13:29:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 5BA3 		73 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=friends.in.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59
x-xss-protection
0
expires
Tue, 13 Dec 2022 03:04:24 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=542884158&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=55663888&gjid=145538882&cid=845992931.1670900663&tid=UA-57015589-1&_gid=224874732.1670900663&_r=1&gtm=2oubu0&z=1097520939
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 01:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6518
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 13 Dec 2022 03:15:46 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5BA3 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://friends.in.ua
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 5BA3 		23 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fd4bef1d430ec2e04e05f70e38251bfa98c5463186ca26d38ad960821e4a6291

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://friends.in.ua
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 5BA3 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7a4bf613acd76295b7bab6c3e7509c6ab855b23c1b9ab1d4702be8a3414279f2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
0bcaf843-4fd6-4e08-8c8f-6a6100ac1dc3
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://friends.in.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
shb.richaudience.com/hb/ Frame 5BA3 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://friends.in.ua
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 5BA3 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=77471453121&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://friends.in.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 5BA3 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://friends.in.ua
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pixel.js
x01.aidata.io/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900664091&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=
Requested by
Host: x01.aidata.io
URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&v=1670900663549
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
9c307d5531d3e8bbcab4de8a7b943fb9ca9c5e173fde4556428af7ac85919a37

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 03:04:23 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Dec 2022 03:04:23 GMT
v1
prg.smartadserver.com/prebid/ Frame E345 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame E345 		21 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
0059262ac920a0176174d3aebbe7e62a9d309dd5d2812541f29c9636ce17eef7

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame E345 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6323ce3a3abae9510023e49dfb4da1ee396013f50579b80a57a14503c0605410
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
6498b847-561f-4cb4-b4fa-b00a2d09f33b
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame E345 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=1380460567&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E345 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 12B0 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 12B0 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 12B0 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8bde2d6aaec90facc549711226805692394d1f414de6fba2807eb9ccc2a6727b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
7667469c-8268-45c8-9227-d68f948597f1
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 12B0 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=26288231747&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 12B0 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e93868d34d0a8d95f35f65b43b11ec1886536a0372c737d2232c94c90c9d934d

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 0AB3 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=13989560807&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0AB3 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 0AB3 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2f896ed6900e7c4629741e3bde02b3b4845133ad762daa00e9b9ca5886d3d991
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
c6206779-8efe-47f2-b4a2-e92a9e8cac27
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 0AB3 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 0AB3 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
ce6f1e3f93949f85786777cc53e2a369dec66c29bd9dbb932422b6dbb28d983a

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9850.qXggePT6TwLnP06DmNlMakrpA2FG6CQQ-fupDVjuoQo7WEO4AI8S38qbLeb7rUn2.wsWfgACrgHfgjbhzNa4g8GzK_dg%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9850.Gp2DzH6myaY90aVyKKHMDSdUrkdo_eq8GK0-8jnFFzpiqpAmkKzv8GtAVI2aUh53HXopV_jMf63Z_b3Ygyk3OwDGeFZSBgaBaDloQ5lPiwY%2C.l0HFwvlD1UrIOXVkdr4BkAZTSwA%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9850.Gp2DzH6myaY90aVyKKHMDSdUrkdo_eq8GK0-8jnFFzpiqpAmkKzv8GtAVI2aUh53HXopV_jMf63Z_b3Ygyk3OwDGeFZSBgaBaDloQ5lPiwY%2C.l0HFwvlD1UrIOXVkdr4BkAZTSwA%2C
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9850.Gp2DzH6myaY90aVyKKHMDSdUrkdo_eq8GK0-8jnFFzpiqpAmkKzv8GtAVI2aUh53HXopV_jMf63Z_b3Ygyk3OwDGeFZSBgaBaDloQ5lPiwY%2C.l0HFwvlD1UrIOXVkdr4BkAZTSwA%2C
date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_check
mc.yandex.ua/ 		0
0
v1
prg.smartadserver.com/prebid/ Frame 4927 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 4927 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
48cf70c51fb57810672f04d514ec363a69f0993b6dfd933ff7f2e9904dc17652
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
decda911-98f9-4ede-a9d8-c74ce598681c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 4927 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 4927 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=42569068029&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4927 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 9527 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 9527 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=17668850403&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 9527 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9527 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 9527 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d8ff91b81a252d2a146615b8ba9416ea060484d00ea0df0951a939fb5d75148e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7af85ade-1ab5-4f81-8a54-905caf127e58
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 55AF 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
03344258fc32b471b8abb0400e3ba074e2b9a374f3ca98c5b9d48d9f1b2a37e5

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 55AF 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 55AF 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97774083274&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 55AF 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 55AF 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
041765d8e3609a52c0e201db0f61d4b94ce47fa715cf1cb9cbedf4e4d87eac87
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
8ba38132-7131-468a-8132-2cd3b378fab3
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 09 Dec 2022 16:09:11 GMT
etag
"63933377-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 13 Dec 2022 04:04:24 GMT
v1
prg.smartadserver.com/prebid/ Frame D59B 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame D59B 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25060666378&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame D59B 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
8d7dcb7a9fcb5dea21038e276eb51a0f16ecd007a197d37f77a0a07279c1e7db

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame D59B 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c1e8e95c687117f453eb214b1e072e0d5e8d78aa6489c7ace60617a603da4597
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
c93088c5-6e96-4c8c-96c7-8ec692977718
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D59B 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 6130 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 6130 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
604ea1abc70968e6cc3ab0027cca1c5417c408b8f75451a28a6789a7b937e38c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
fdf97609-b7df-4f54-974b-e5f986ba9e8c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6130 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 6130 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
dea63e3333bf44542079e3bdc3662f9c960962bd6fc4baa422eb909e06b5c83c

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 6130 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=49643074916&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D8F5 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame D8F5 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=67847654838&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame D8F5 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame D8F5 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
005bf1b8ccbd08270fe0793012dc84464a26fd5122400c790ba72e35a0573c42
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
b486bb59-c3f7-4461-a077-379ced84f551
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 483C 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3b89cc600f445b2c0d5c4b6f0704b28258f82c2d7927eaff9420459a18201c15
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
b39dad46-2650-408c-ae9a-7678f1767648
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 483C 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 483C 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=53516935034&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 483C 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame B38B 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame B38B 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame B38B 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9d1d450caa10e5ed0a8cd9f44747e04fb4ad699da68f39abc15ba57ec2d8aeba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
9ff3f801-d2c3-4b4b-a2a1-adf8fab88798
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame B38B 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69909520257&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame A8F9 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame A8F9 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame A8F9 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9a820f57649f53d9e2479e5a18eeb57c5f23ddae1c343b50a3c17f3741df3a50
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
175c9361-a2f9-4393-985e-67289a94330e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame A8F9 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=54744227751&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame D4F3 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c20efd9f643246d2a0bccd53a83b1dc0a575a0cf40a4db4145650b9d743861b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d18bf36b-09c7-41ae-8e63-aacdd102a85a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame D4F3 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:23 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame D4F3 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=72793909689&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D4F3 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 360C 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://sholke.com
date
Tue, 13 Dec 2022 03:04:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 360C 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=33946463777&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 360C 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2a93931769b36603f167e96c38acf631944cbfba6aaf05de5791b851e6cf0292
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
77beb9c2-0607-4b26-bed3-188cb2b6698f
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 360C 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ Frame 5BA3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5BA3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5BA3 		587 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4054321052521098&correlator=1341207115206263&eid=31071093&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21671350435%3A22643588514%2C300x600-friends.in.ua&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=651839845&sfv=1-0-40&prev_scp=hb_format_smartadser%3Dbanner%26hb_size_smartadserve%3D300x250%26hb_pb_smartadserverA%3D0.04%26hb_adid_smartadserve%3D13792f97812cfa2%26hb_bidder_smartadser%3DsmartadserverAlias%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D13792f97812cfa2%26hb_bidder%3DsmartadserverAlias&eri=1&sc=1&cookie=ID%3D6572f49291d0d674-22d5403bfad900e2%3AT%3D1670900663%3ART%3D1670900663%3AS%3DALNI_MZ4Zth3LLePi367Lm8d5ZMj0yc1lw&gpic=UID%3D00000b919f63cad4%3AT%3D1670900663%3ART%3D1670900663%3AS%3DALNI_MaV7kNdmlrGlqNcH7z4t3MwWWWE4A&abxe=1&dt=1670900664407&lmt=1670900664&dlt=1670900663567&idt=787&adxs=1115&adys=100&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=i1nkkypva8c9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ffriends.in.ua%2F&ref=https%3A%2F%2Ffriends.in.ua%2F&top=https%3A%2F%2Ffriends.in.ua%2F&frm=23&vis=1&psz=300x600&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=845992931.1670900663&ga_sid=1670900664&ga_hid=1739647889&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f005491925c778be395deb999d578725b8aea1560f0707b5227e3de06f32d0b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5BA3 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98824bc49e191983468e97a22e6c0b8961d0374e59c6df90414869d50cd850f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11150
x-xss-protection
0
container.html
ac3bcb6729b00b4ccdfb92d35dc43719.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDDE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ac3bcb6729b00b4ccdfb92d35dc43719.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 03:04:24 GMT
expires
Wed, 13 Dec 2023 03:04:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame CC6B 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::5f64:9e19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 16:21:13 GMT
Server
AkamaiNetStorage
ETag
"afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11137
usync.html
eus.rubiconproject.com/ Frame B1B6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 03:04:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 8084 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::5f64:9e19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 16:21:13 GMT
Server
AkamaiNetStorage
ETag
"afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11137
usync.html
eus.rubiconproject.com/ Frame 983F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 03:04:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 161F 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::5f64:9e19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 16:21:13 GMT
Server
AkamaiNetStorage
ETag
"afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11137
qfqcwu936glt
hal9000.redintelligence.net/zone/ Frame C176 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=7519516833810243741&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1ed4d7d7a00440eaffdc5a033bc322f061d0775e87cda78901d6241649bb9058

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2801
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame C176
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTkdNeE1HWTVPR010TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MTk1MTY4MzM4MTAyNDM3NDEvNjYyMjM5Ni80NTYyMzEyLzEzL1lBQU...
  • https://tags.mathtag.com/ck-confirm?bid_id=7519516833810243741&node_id=3747&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=7519516833810243741&node_id=3747&exch_id=13
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Protocol
HTTP/1.1
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.373.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x80, zrh-bidder-x133
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 13 Dec 2022 03:04:23 GMT

Redirect headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
x-mm-nodeid
3747
x-mm-bid-request-time
1670900664
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
86
x-mm-handled-by-owner
true
Last-Modified
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
x-mm-latency
22 (0)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=7519516833810243741&node_id=3747&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x25, zrh-bidder-x133
Keep-Alive
timeout=360
x-mm-lag
0
Expires
Tue, 13 Dec 2022 03:04:23 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame C176 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//friends.in.ua/&ui=4c10f98c-0000-0000-0000-000000000000&ap=&ti=7519516833810243741&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&pp=10264&sr=13&de=43003&si=5626891&dm=300x600&ac=651871&cr=6622396&ai=216536&c1=4562312&r1=82.199.130.0&r2=&r3=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d4694f07d3862d90d94ac9c1767e742e904ec10e96c078995e30b5a9a1ef29f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2955
Expires
0
img
pixel.mathtag.com/event/ Frame C176 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=7519516833810243741&v3=651871&v4=4562312&v5=6622396&mt_nsync=1&no_attr=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 180 1fd3e2d master ord-pixel-x8 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x8 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 13 Dec 2022 03:04:23 GMT
img
tags.mathtag.com/event/ Frame C176 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=7519516833810243741&st=4562312&time=[IMP_ATTR.time]&nodeid=3747
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.373.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x40, zrh-bidder-x133
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 13 Dec 2022 03:04:23 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame C176 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27455
Expires
Wed, 13 Dec 2023 03:04:24 GMT
it
ams3-ib.adnxs.com/ Frame C176 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLoCuhoBQAAAwDWAAUBCLjX35wGEPmZ4sOj45z7MRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0BQHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeOHxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtkTmVFMUhXVFZQUjAxMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SARAMVVJCZAUQ8LZkTlJFRjNMemMxTVRrMU1UWTRNek00TVRBeU5ETTNOREV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDFsQlFVUlJhRWQzUzE5NlpISk9ZMDlUTW0xbWRsSm9kSEZwTVY5MFVuTTFYelEwWWxaVGNqRkhjVUV2TVM4eE15OHdMekF2T1RVMk9EQXpMekV6T0RnNE1EWTNNREV2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlIyxAAAUgXEDFRVTXcN1ARNVhEgDEUxRVEN5Bn0FGN2TUM4dwF8CQhm_AAMZW5KbwUo8E96Z3ZNVFl2T1RrNUx6TXlNaTg0TWk0eE9Ua3VNVE13TGpBdk1DNHdNREF2TVRZM01Ea3dNRFkyTkM4eE5qY3dPVEV6TWpZMEx6RXpMekV3TQEM8Fh3L2NLTXlWUFMxTVV2M0FGTUZ6Q2dBLVpMT3RCOCZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmlkPTc1MTk1MTY4MzM4MTAyNDM3NDEmcGJzX2F1Y2oiABxzaGFyZGtleVY_APB9cmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWNjamVhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzIuOTgmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNzUxPs8AqBoTMzYwMDE5MTUwODU4MzA1ODY4MSIJMzgyNjUwNDA2KgYxMDE5MzY6BzYJY_BhwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjQ1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFMFiIBQGYBQCgBeny4OqsvaCrIsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi6BkAAyAfh8QXSBw0VgAFBCNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=a3a498075133b556cff670a0518183e1df1d9c4d
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
955326a2-b973-4e81-be98-412b5aaf4108
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
qfqcwu936glt
hal9000.redintelligence.net/zone/ Frame 3428 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=6366595329203396825&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1f87332e03f112c9dc74bc545bf9a71279a74a1aa982943e9172b008722721c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2798
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 3428
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTkdNeE1HWTVPR010TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzNjY1OTUzMjkyMDMzOTY4MjUvNjYyMjM5Ni80NTYyMzEyLzEzL1lBQU...
  • https://tags.mathtag.com/ck-confirm?bid_id=6366595329203396825&node_id=3747&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=6366595329203396825&node_id=3747&exch_id=13
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Protocol
HTTP/1.1
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.373.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x93, zrh-bidder-x133
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 13 Dec 2022 03:04:23 GMT

Redirect headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
x-mm-nodeid
3747
x-mm-bid-request-time
1670900664
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
86
x-mm-handled-by-owner
true
Last-Modified
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
x-mm-latency
11 (0)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=6366595329203396825&node_id=3747&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x83, zrh-bidder-x133
Keep-Alive
timeout=360
x-mm-lag
0
Expires
Tue, 13 Dec 2022 03:04:23 GMT
img
pixel.mathtag.com/event/ Frame 3428 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=6366595329203396825&v3=651871&v4=4562312&v5=6622396&mt_nsync=1&no_attr=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 180 1fd3e2d master iad-pixel-x29 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MT3 180 1fd3e2d master iad-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 13 Dec 2022 03:04:23 GMT
img
tags.mathtag.com/event/ Frame 3428 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=6366595329203396825&st=4562312&time=[IMP_ATTR.time]&nodeid=3747
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.373.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x84, zrh-bidder-x133
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 13 Dec 2022 03:04:23 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 3428 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27455
Expires
Wed, 13 Dec 2023 03:04:24 GMT
it
ams3-ib.adnxs.com/ Frame 3428 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLoCuhoBQAAAwDWAAUBCLjX35wGEOXj9q6q8Kn7TRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0BQHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeND2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtkTmVFMUhXVFZQUjAxMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SARAMVVJCZAUQ8LZkTlJFRjNMell6TmpZMU9UVXpNamt5TURNek9UWTRNalV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDFsQlFVUlJhRWQzUzE5NlpISk9ZMDlUTW0xbWRscHBNelJzVm5BM1NtOTVOSHBtVEZSS1dFWjJiR3N2TVM4eE15OHdMekF2T1RVMk9EQXpMekV6T0RnNE1EWTNNREV2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlIyxAAAUgXEDFRVTXcN1ARNVhEgDEUxRVEN5Bn0FGN2TUM4dwF8CQhm_AAMZW5KbwUo8E96Z3ZNVFl2T1RrNUx6TXlNaTg0TWk0eE9Ua3VNVE13TGpBdk1DNHdNREF2TVRZM01Ea3dNRFkyTkM4eE5qY3dPVEV6TWpZMEx6RXpMekV3TQEM8Fh3L3ZxRnR4R29NTzBXVE12U292RGdVaFFWN3BCNCZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmlkPTYzNjY1OTUzMjkyMDMzOTY4MjUmcGJzX2F1Y2oiABxzaGFyZGtleVY_APB9cmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWNjamVhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzUuNjkmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNjM2Ps8AqBoTNTYxNzg2MTc2NDc2MTYyOTE1NyIJMzgyNjUwNDA2KgYxMDE5MzY6BzYJY_BhwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjQ1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFMFiIBQGYBQCgBe2YgNXM3OTHEMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi6BkAAyAfQ9gXSBw0VgAFBCNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=2e90f588b6df36e843abc5521b57ae288fec5ad0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
e0236567-cd4c-4161-ad13-5137a60125f9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame BCA4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 03:04:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 8056 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::5f64:9e19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 16:21:13 GMT
Server
AkamaiNetStorage
ETag
"afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11137
usync.html
eus.rubiconproject.com/ Frame DAFC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 03:04:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame B9A1 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::5f64:9e19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 16:21:13 GMT
Server
AkamaiNetStorage
ETag
"afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11137
1
mc.yandex.com/watch/36124145/
Redirect Chain
  • https://mc.yandex.com/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...
  • https://mc.yandex.com/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
447 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1024263789046%3Ahid%3A238911461%3Az%3A0%3Ai%3A20221213030424%3Aet%3A1670900664%3Ac%3A1%3Arn%3A896622137%3Arqn%3A1%3Au%3A1670900664880591006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C117%2C566%2C56%2C148%2C0%2C%2C669%2C14%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1670900661486%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670900665%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
2370614d9a7dd5896a8e51af64e891a11971ed48ceedeac99af204e3f77c99e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 13-Dec-2022 03:04:24 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://friends.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 13-Dec-2022 03:04:24 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13-Dec-2022 03:04:24 GMT
location
/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1131%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1024263789046%3Ahid%3A238911461%3Az%3A0%3Ai%3A20221213030424%3Aet%3A1670900664%3Ac%3A1%3Arn%3A896622137%3Arqn%3A1%3Au%3A1670900664880591006%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C117%2C566%2C56%2C148%2C0%2C%2C669%2C14%2C%2C%2C%2C1556%3Aco%3A0%3Acpf%3A1%3Ans%3A1670900661486%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670900665%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://friends.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 13-Dec-2022 03:04:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5BA3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 03:04:24 GMT
usync.html
eus.rubiconproject.com/ Frame 5E6A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 03:04:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame D06A 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::5f64:9e19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Oct 2022 16:21:13 GMT
Server
AkamaiNetStorage
ETag
"afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11137
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 2A6C 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%226054411e-56b9-4529-a5c7-0caf63bd1e04%22%2c%22adomain%22%3a%22rumpopn.com%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2258441608%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222819364%22%2c%22adid%22%3a%2258441608%22%2c%22hash%22%3a%22-7782229621295426521%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:10::213:7e97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Wed, 14 Dec 2022 03:04:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
/
track.adform.net/adfscript/ Frame 3443 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=58441608;rtbwp=fDlGELgw_LYpPWbcaRLTo71WBq8Wwe88HLYMgA;rtbdata=EgHIUscw8nuwzdRJYb7m9YozsmgFr4h66kkrem_n4pWYKyY27RLn2--7UQrQavP22hj6R4ZnCmZlEYXDnAyctXSPuRfwq2U-0tZ2gHoqt3dwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufbTxdNCFNgtsYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7b390a32282d4f92aedbeb2f0b3a07c7966b7227c8355de699fa905130634c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
833
expires
-1
aip
euw1.smartadserver.com/h/ Frame 3443 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=6986706090582568881&tmstp=6100382174&ckid=3564216436759648384&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d1273%3b%24wpc%3d12274%3b%24wpc%3d11709%3b%24wpc%3d11710%3b%24wpc%3d8630%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d6166%3b%24wpc%3d6169%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6062%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d6012%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5997%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5960%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5932%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914%3b%24wpc%3d5915&acd=1670900664255&envtype=0&opid=317ec923-f9a6-4e6b-9816-63b0d40dc198&opdt=1670900664255&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=3564216436759648384&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=5984865838759437502&rtbh=6c76e1b31d87a9f1b50e3d9f55e8ddc7f3f0f678&rtblt=638064974642583728&rtbet=0&rtbptnid=22&cftgid=440664fc3003
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 24CE 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22cff4e43d-8fd9-4eff-8813-afc8b698dc06%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2258871330%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222821951%22%2c%22adid%22%3a%2258871330%22%2c%22hash%22%3a%229035198099596091152%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:10::213:7e97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Wed, 14 Dec 2022 03:04:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
/
track.adform.net/adfscript/ Frame 2FF4 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=58871330;rtbwp=awkkLAPbe_0lwkEx38vCJ4JzsA9WBZfr8M4wPg;rtbdata=xyM5PMf_e7HMNJiEZyaoh34DzZ_1c6RvttvmmmYAHQrjw8f5yuW2b98e2NGQNPpHo6lrrtXl9r10TwS1CH1FAv18cWo3qXfQQQj86ERciR9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZ2yZ_uCUCXkYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671VyeheoegvN1zZPSVCRcBPzE1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
29723249de5793762341c1df36b397b6353c43f239c399d04d441df0e0cfca5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
830
expires
-1
aip
euw1.smartadserver.com/h/ Frame 2FF4 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=6004221547368371787&tmstp=9562212768&ckid=8960771272848627746&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d1273%3b%24wpc%3d12274%3b%24wpc%3d11709%3b%24wpc%3d11710%3b%24wpc%3d8630%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d6166%3b%24wpc%3d6169%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6062%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d6012%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5997%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5960%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5932%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914%3b%24wpc%3d5915&acd=1670900664267&envtype=0&opid=011a2ae4-6efe-4248-9a84-ce068022fb08&opdt=1670900664267&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=8960771272848627746&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=356589248344289426&rtbh=8d62b6c147404917b5dd6736e9f8a057a8c9994d&rtblt=638064974642695369&rtbet=0&rtbptnid=22&cftgid=b448e5b41b8e
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 42D8 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2258521dfa-fe3f-4f72-9d27-83fb3de0f721%22%2c%22adomain%22%3a%22wohntraum-weiden.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2256588294%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222744137%22%2c%22adid%22%3a%2256588294%22%2c%22hash%22%3a%22-4790844819760506036%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:10::213:7e97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Wed, 14 Dec 2022 03:04:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
/
track.adform.net/adfscript/ Frame 84E2 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=56588294;rtbwp=5gcch0fRL-fyzPOzRMHXEzR4Q1prnYd_Tc_oQQ;rtbdata=dVWYmnj-zflUAf1Txsqp5Ub7XDhUkMlG3XZz0AVMArHLfvca8RlJqeJP3jCI3qERBLOwN9YqiXvKc8PD78MKgOVRhDgrzx29I415sj83Pk1wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufYfohmA3MpgH4y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V6EuVBWCp8k1ZPSVCRcBPzE1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b29e26594da77563de1b026a6824ba5f575047c6cb2aa08084e0950c8ac30bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
838
expires
-1
aip
euw1.smartadserver.com/h/ Frame 84E2 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=6853156890469355377&tmstp=1774118482&ckid=5954940480917264440&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d1273%3b%24wpc%3d12274%3b%24wpc%3d11709%3b%24wpc%3d11710%3b%24wpc%3d8630%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d6166%3b%24wpc%3d6169%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6062%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d6012%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5997%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5960%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5932%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914%3b%24wpc%3d5915&acd=1670900664334&envtype=0&opid=c4091c46-a0e4-4b91-8f98-6013a6dd6c21&opdt=1670900664334&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=5954940480917264440&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=4903908897400365019&rtbh=0d5fe7185bcbf8eaf5efc7d619c9fac4241b7869&rtblt=638064974643483052&rtbet=0&rtbptnid=22&cftgid=-1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
request.php
hal90006.redintelligence.net/ Frame C176
Redirect Chain
  • https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=5908056464903&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Protocol
HTTP/1.1
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
80811c546d2d0740dd3c67e2e4c5ea2364ae23fe5f532ea63e0ff1079e8b4611

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
29815100008565000951433012172006
Connection
close
Content-Length
865
Expires
Tue, 13 Dec 2022 03:04:25 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=5908056464903&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 13 Dec 2022 03:04:24 +0100
qfqcwu936glt
hal9000.redintelligence.net/zone/ Frame 0CFC 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=1754909309698679023&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1754909309698679023%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
de3f52a617f73e40d6a3b5722e7aa293fc8581464420f43d8d480eb087af893d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2800
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
tags.mathtag.com/notify/ Frame 0CFC 		49 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTWpKa05EZGlOV1l0WlRBME1DMWhaV0ZoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE3NTQ5MDkzMDk2OTg2NzkwMjMvNjYyMjM5Ni80NTYyMzEyLzEzL1lBQURRaEd3S196ZHJOY09TMm1mdlQ5LTU4WTlRMFB3azZ0TGx1bmdObmcvMS8xMy8wLzAvOTU2ODAzLzEzODg4MDY3MDEvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzE3NTQ5MDkzMDk2OTg2NzkwMjMvYW1zLzAvMzgvMTYvOTk5LzMyMi84Mi4xOTkuMTMwLjAvMC4wMDAvMTY3MDkwMDY2NC8xNjcwOTEzMjY0LzEzLzEwMjY0Lw/X51ruZwkI9_tNeVBBLhUKhPCStY&nodeid=3309&group=cdg&auctionid=1754909309698679023&pbs_auctionid=1754909309698679023&shardkey=1754909309698679023&sid=4562312&cid=6622396&bp=a_accjea&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.62&type=imp&client=c2s
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.373.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
x-mm-nodeid
3309
x-mm-bid-request-time
1670900664
Connection
keep-alive
Content-Length
49
x-mm-handled-by-owner
true
Last-Modified
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
x-mm-latency
2 (0)
Content-Type
image/gif
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x94, cdg-bidder-x63
Keep-Alive
timeout=360
x-mm-lag
0
Expires
Tue, 13 Dec 2022 03:04:23 GMT
img
pixel.mathtag.com/event/ Frame 0CFC 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=1754909309698679023&v3=651871&v4=4562312&v5=6622396&mt_nsync=1&no_attr=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 180 1fd3e2d master iad-pixel-x21 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MT3 180 1fd3e2d master iad-pixel-x21 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 13 Dec 2022 03:04:23 GMT
img
tags.mathtag.com/event/ Frame 0CFC 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=1754909309698679023&st=4562312&time=[IMP_ATTR.time]&nodeid=3309
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.373.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
MMBD/3.373.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x101, cdg-bidder-x63
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 13 Dec 2022 03:04:23 GMT
trk.js
cdn.adnxs.com/v/s/231/ Frame 0CFC 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/231/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27455
Expires
Wed, 13 Dec 2023 03:04:24 GMT
it
ams3-ib.adnxs.com/ Frame 0CFC 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLwCvBMcAUAAAMA1gAFAQi419-cBhCBsJfr8ua1vikYvI6Ztpziz4BuKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQhwM8R89kz8py7kJJAAxARv04gHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeJvzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VFdwS2EwNUVaR2xPVjFsMFdsUkJNRTFETVdoYVYwWm9URlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6RTNOVFE1TURrek1EazJPVGcyTnprd01qTXZOall5TWpNNU5pODBOVFl5TXpFeUx6RXpMMWxCUVVSUmFFZDNTMTk2WkhKT1kwOVRNbTFtZGxFelMyZ3pjbDlGVDB4YVlXNUhNM2xZU2pkRGRXOHZNUzh4TXk4d0x6QXZPVFUyT0RBekx6RXpPRGc0TURZM01ERXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFUVhSTlJFRjNUVU13ZDAF1ARNVhHkAEUFEAROUhEQJQQMY3ZNQwl8CQgURTNOVFE1TvwAyFlXMXpMekF2TXpndk1UWXZPVGs1THpNeU1pODRNaTR4T1RrdU1UTXdMakF2TUM0d01EQQEoYDNNRGt3TURZMk5DOHhOamN3T1RFek1qWTAlOAh6RXcFDPBYdy9IY1RJZ04xV1VpQzB2STlaNGhmYWFjZmpLTDgmbm9kZWlkPTMzMDkmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD0xNzU0OTA5MzA5Njk4Njc5MDIzJnBic19hdWNqIgAcc2hhcmRrZXlWPwDwfXJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2FjY2plYSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTM1LjYyJnNpZD00NTYyMzEyJmNpZD02NjIyMzk2JnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzE3NT7PAKgaEzI5ODk1MDA4ODQ2NTE5ODg5OTMiCTM4MjY1MDQwNioGMTAxOTM2Ogc2CWPwYcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40NagEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEhTBYiAUBmAUAoAW8_5XdmsjNwzzABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYvrS_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmrAdoGFgoQCRIZAYAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8BUkgYACAAMAA4ugZAAMgHm_MF0gcNFYABQQjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=8c3c0f59e2ca9883f077cfc6961856fd99f76b34
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
AN-X-Request-Uuid
a0f16815-32d7-4524-9b8b-6de01709ed36
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
request.php
hal90009.redintelligence.net/ Frame 3428
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=6099865048724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Protocol
HTTP/1.1
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1acf63a647bcc2f7373a93a4b4d38bfb99bf27a13ddd3bff55c54b103be71077

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
62272200006256900951433012172009
Connection
close
Content-Length
863
Expires
Tue, 13 Dec 2022 03:04:25 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:24 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=6099865048724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 13 Dec 2022 03:04:24 +0100
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 2772 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2266fcc7da-bad5-4f11-91f4-c869224d2ddf%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257837237%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791744%22%2c%22adid%22%3a%2257837237%22%2c%22hash%22%3a%228972679532373123456%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:10::213:7e97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Wed, 14 Dec 2022 03:04:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
/
track.adform.net/adfscript/ Frame D238 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=57837237;rtbwp=OKUyPh807jSpmgUKHWyEtdCzZce2ZXAhmC4kkA;rtbdata=NNFYuMWAQnPtYeQBp6e04dSs5SUnb2g2AkyxuufZQ5Odtdw1azOZnBj85PPOzRRFVyT7TpbVGOI6SIahnz3ghiwtjqI06TEx9DrP2HGGHdFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZjZDel7w-fQoy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_aEuVBWCp8k1ZPSVCRcBPzE1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6afadb5481488be9241475816177e2be5d53201c93b9e25378b44cea94202839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
827
expires
-1
aip
euw1.smartadserver.com/h/ Frame D238 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=2713381624016470398&tmstp=8592806122&ckid=7926223035469322271&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d1273%3b%24wpc%3d12274%3b%24wpc%3d11709%3b%24wpc%3d11710%3b%24wpc%3d8630%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d6166%3b%24wpc%3d6169%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6062%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d6012%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5997%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5960%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5932%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914%3b%24wpc%3d5915&acd=1670900664434&envtype=0&opid=0af22037-27a0-427f-bd1c-5baf97002516&opdt=1670900664434&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=7926223035469322271&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=3180657416585930360&rtbh=45fb2f6026a292175ead300b57a79e0c8b517656&rtblt=638064974644381692&rtbet=0&rtbptnid=22&cftgid=901a6eb98e69
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 7BE4 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22ce4af49e-0ad4-4e3f-8f96-0662149ff991%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257837237%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791744%22%2c%22adid%22%3a%2257837237%22%2c%22hash%22%3a%228972679532373123456%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:10::213:7e97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Wed, 14 Dec 2022 03:04:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
/
track.adform.net/adfscript/ Frame C5EF 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=57837237;rtbwp=OlbxoM4ZynxiPucwEpyFw0J3LY6zy__IX4olQQ;rtbdata=3XPskYh16vZAUWZvSzSZLSx2mumz4b3pnxOBaxOs8ORSUNHAL37Y06Q-fy_RuKbl2l5BmovERcqYjHBVjaY4p6BKed6m-K1obc5MbjISijVwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaKYl9twExy74y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_YKLMr5O4ZVNZPSVCRcBPzE1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a4401df717440e483f675fd4753e7be229d7a6a13366f2084f90654275965541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
837
expires
-1
aip
euw1.smartadserver.com/h/ Frame C5EF 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=7262501629775089436&tmstp=7584818619&ckid=5632010625894504563&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d1273%3b%24wpc%3d12274%3b%24wpc%3d11709%3b%24wpc%3d11710%3b%24wpc%3d8630%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d6166%3b%24wpc%3d6169%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6062%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d6012%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5997%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5960%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5932%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914%3b%24wpc%3d5915&acd=1670900664519&envtype=0&opid=827dc5b8-c446-472d-b3b3-d972ca9d3a3d&opdt=1670900664519&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=5632010625894504563&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=9222696962472462426&rtbh=b8b7775a4eb2aa8bfe4b83efb810a8c5ad5d988f&rtblt=638064974645225223&rtbet=0&rtbptnid=22&cftgid=3c6ae5a8d61e
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 5A4A 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22d6b4cc05-ca2a-4d9b-809a-30b2f6e7ee22%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257894125%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257894125%22%2c%22hash%22%3a%22-2638847429860618896%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:10::213:7e97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
531
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:24 GMT
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires
Wed, 14 Dec 2022 03:04:24 GMT
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
/
track.adform.net/adfscript/ Frame D412 		963 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=57894125;rtbwp=soOWlH_GRzEhG-lZ9sNIVtsf1mAa9AEH6gpAbg;rtbdata=kOehyWS82X-DhlkeCd3s0lcsotEki1H2s1GwlNU0x3zUjXYRxN4kjsaVYKlH7quXcD7RnWuKfmsDrig4-qo_N9l_KU8WH-XRSwmGgMrdL3twGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaxTtEYB4XzvIy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ed86779a00ea50ddd9ed1ab2876497cdc202ea58109dae5a363751410e2057e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
831
expires
-1
aip
euw1.smartadserver.com/h/ Frame D412 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euw1.smartadserver.com/h/aip?uii=6030023453809902901&tmstp=9792953287&ckid=6372488297967180030&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d1273%3b%24wpc%3d12274%3b%24wpc%3d11709%3b%24wpc%3d11710%3b%24wpc%3d8630%3b%24wpc%3d6159%3b%24wpc%3d6163%3b%24wpc%3d6166%3b%24wpc%3d6169%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6190%3b%24wpc%3d6192%3b%24wpc%3d6195%3b%24wpc%3d6197%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6209%3b%24wpc%3d6211%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6062%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d6012%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5997%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5960%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5932%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914%3b%24wpc%3d5915&acd=1670900664472&envtype=0&opid=3ce0a4c2-a37c-46e7-b5e9-a1ff53a54b69&opdt=1670900664472&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=6372488297967180030&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=3928367797869161337&rtbh=2b8b9241e452464d58f0244d5054577e1e0765bf&rtblt=638064974644761450&rtbet=0&rtbptnid=22&cftgid=3c6ae5a8d61e
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 03:04:24 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9850.IBXKeyAqLaekDh6g_nRKptFIO9o4Mmep7wkG48F6FIbLr_wJRxxbJ5tK9S7BU8mU.2r4od9XfU9faYQ89UDuI3phRaq0%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9850.DnApnOwPwgoszESo4KyneY1zt2cGGKXDZNf2TnAJKvMqxotUnzqvzKY-7PwbKah547_IhNSs1GvA5eN6th9YaT5aTQfJeF6rR4UBgfBbVao%2C.Rzr_h2yRN4nZR2edJi...
43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9850.DnApnOwPwgoszESo4KyneY1zt2cGGKXDZNf2TnAJKvMqxotUnzqvzKY-7PwbKah547_IhNSs1GvA5eN6th9YaT5aTQfJeF6rR4UBgfBbVao%2C.Rzr_h2yRN4nZR2edJiJYMyCEJxs%2C
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9850.DnApnOwPwgoszESo4KyneY1zt2cGGKXDZNf2TnAJKvMqxotUnzqvzKY-7PwbKah547_IhNSs1GvA5eN6th9YaT5aTQfJeF6rR4UBgfBbVao%2C.Rzr_h2yRN4nZR2edJiJYMyCEJxs%2C
date
Tue, 13 Dec 2022 03:04:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_check_secondary
mc.yandex.ua/ 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F1B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
12541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 23:35:23 GMT
expires
Tue, 12 Dec 2023 23:35:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9840 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3c048340fc859bbe32ab61389aa748cd687eb9177424311f28d3c819542157e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZmokVclUBL_B-Y3VJbrY0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ZmokVclUBL_B-Y3VJbrY0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 03:04:24 GMT
expires
Tue, 13 Dec 2022 03:04:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame B1B6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 18:02:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53862
Connection
keep-alive
Content-Length
10064
Expires
Tue, 13 Dec 2022 18:02:06 GMT
usync.js
eus.rubiconproject.com/ Frame 983F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 18:02:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53862
Connection
keep-alive
Content-Length
10064
Expires
Tue, 13 Dec 2022 18:02:06 GMT
usync.js
eus.rubiconproject.com/ Frame BCA4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 18:02:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53862
Connection
keep-alive
Content-Length
10064
Expires
Tue, 13 Dec 2022 18:02:06 GMT
usync.js
eus.rubiconproject.com/ Frame DAFC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 18:02:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53862
Connection
keep-alive
Content-Length
10064
Expires
Tue, 13 Dec 2022 18:02:06 GMT
usync.js
eus.rubiconproject.com/ Frame 5E6A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Dec 2022 18:02:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53862
Connection
keep-alive
Content-Length
10064
Expires
Tue, 13 Dec 2022 18:02:06 GMT
request.php
hal900026.redintelligence.net/ Frame 0CFC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=09ea3cec90&subid=&uid=472f7a5e393663d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1754909309698679023%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dplxhds%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=7750747787462&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/qfqcwu936glt?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=1754909309698679023&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1754909309698679023%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
29ec7a8cb3094008113317cb4b2da233fde8382e37c22b7c6990dfff4fa1785c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
41535200007297500951433012172026
Connection
close
Content-Length
865
Expires
Tue, 13 Dec 2022 03:04:25 +0100
khaos.jpg
token.rubiconproject.com/ Frame B1B6 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 983F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame BCA4 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 2FF4 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=58871330;rtbwp=awkkLAPbe_0lwkEx38vCJ4JzsA9WBZfr8M4wPg;rtbdata=xyM5PMf_e7HMNJiEZyaoh34DzZ_1c6RvttvmmmYAHQrjw8f5yuW2b98e2NGQNPpHo6lrrtXl9r10TwS1CH1FAv18cWo3qXfQQQj86ERciR9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZ2yZ_uCUCXkYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671VyeheoegvN1zZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:20:12 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 3443 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=58441608;rtbwp=fDlGELgw_LYpPWbcaRLTo71WBq8Wwe88HLYMgA;rtbdata=EgHIUscw8nuwzdRJYb7m9YozsmgFr4h66kkrem_n4pWYKyY27RLn2--7UQrQavP22hj6R4ZnCmZlEYXDnAyctXSPuRfwq2U-0tZ2gHoqt3dwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufbTxdNCFNgtsYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:20:12 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame D238 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57837237;rtbwp=OKUyPh807jSpmgUKHWyEtdCzZce2ZXAhmC4kkA;rtbdata=NNFYuMWAQnPtYeQBp6e04dSs5SUnb2g2AkyxuufZQ5Odtdw1azOZnBj85PPOzRRFVyT7TpbVGOI6SIahnz3ghiwtjqI06TEx9DrP2HGGHdFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZjZDel7w-fQoy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_aEuVBWCp8k1ZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:20:12 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame C5EF 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57837237;rtbwp=OlbxoM4ZynxiPucwEpyFw0J3LY6zy__IX4olQQ;rtbdata=3XPskYh16vZAUWZvSzSZLSx2mumz4b3pnxOBaxOs8ORSUNHAL37Y06Q-fy_RuKbl2l5BmovERcqYjHBVjaY4p6BKed6m-K1obc5MbjISijVwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaKYl9twExy74y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_YKLMr5O4ZVNZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:20:12 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame D412 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57894125;rtbwp=soOWlH_GRzEhG-lZ9sNIVtsf1mAa9AEH6gpAbg;rtbdata=kOehyWS82X-DhlkeCd3s0lcsotEki1H2s1GwlNU0x3zUjXYRxN4kjsaVYKlH7quXcD7RnWuKfmsDrig4-qo_N9l_KU8WH-XRSwmGgMrdL3twGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaxTtEYB4XzvIy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:20:12 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 84E2 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=56588294;rtbwp=5gcch0fRL-fyzPOzRMHXEzR4Q1prnYd_Tc_oQQ;rtbdata=dVWYmnj-zflUAf1Txsqp5Ub7XDhUkMlG3XZz0AVMArHLfvca8RlJqeJP3jCI3qERBLOwN9YqiXvKc8PD78MKgOVRhDgrzx29I415sj83Pk1wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufYfohmA3MpgH4y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V6EuVBWCp8k1ZPSVCRcBPzE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:20:12 GMT
khaos.jpg
token.rubiconproject.com/ Frame DAFC 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 5E6A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 5F1B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 22:38:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9840 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=4054321052521098&rc=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5F1B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TDmX8w
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 983F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
view.aspx
pb.media01.eu/ Frame C13C
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=41535200007297500951433012172026&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41535200007297500951433012172026&actionid=981741&produktid=&dt_url=
0
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41535200007297500951433012172026&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=09ea3cec90&subid=&uid=472f7a5e393663d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1754909309698679023%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dplxhds%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=7750747787462&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 03:04:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 13 Dec 2022 04:04:25 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Tue, 13 Dec 2022 03:04:25 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=41535200007297500951433012172026&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
52C7822D:E3AC_91EFC182:01BB_6397EBB9_679DBD1:4673
index.html
www.parship.de/wplp/htlp/de/ Frame 756E
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=41535200007297500951433012172026&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
558 B
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=09ea3cec90&subid=&uid=472f7a5e393663d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1754909309698679023%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dplxhds%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=7750747787462&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control
max-age=30, stale-if-error=432000
cf-cache-status
HIT
cf-ray
778b78e8fd6b23c3-LHR
content-encoding
gzip
content-length
325
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Mon, 28 Feb 2022 14:30:12 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 03:04:25 GMT
location
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server
nginx
server-id
13
x-robots-tag
noindex, nofollow
request_content.php
hal900026.redintelligence.net/ Frame 7F93 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=09ea3cec90&subid=&uid=472f7a5e393663d6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1754909309698679023%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dplxhds%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=7750747787462&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d811ae19b628a3b6de9262854c488d508c5c4c8d1dd265fdbaad5e21376c22e0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2047
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 03:04:25 GMT
Expires
Tue, 13 Dec 2022 03:04:25 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 0CFC 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=41535200007297500951433012172026&pv=1
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=plxhds&e=1524064857105
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-134-223.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
native.png
ad-server.eu/wm/pb/ Frame 0CFC
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=41535200007297500951433012172026
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=41535200007297500951433012172026
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=plxhds&e=1524064857105
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:07:44 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
52C7822D:E3C6_91EFC182:01BB_6397EBB9_67959EF:4674
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
async_usersync.html
acdn.adnxs.com/dmp/ Frame 32F1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=plxhds&e=1524064857105
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:25 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame 0CFC 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKeEvBMHgkAAAMA1gAFAQi419-cBhCBsJfr8ua1vikYvI6Ztpziz4BuKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQhwM8R89kz8py7kJJAAxARv0NAHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeJvzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITMTc1NDkwOTMwOTY5ODY3OTAyM_ICzQEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq4BaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9NDM2MTUxNDQxOTgxMjEzODk0MCZtdF9haWQ9MTc1NDkwOTMwOTYRfjQmbXRfaWQ9NjYyMjM5NgEOJGFkaWQ9MjE2NTMFDyhzaWQ9NDU2MjMxMgEeFGV4aWQ9MQk3EG5hcHA9BV1Eb3M9JnJlZGlyZWN0PfICFwoTORc8Z2Rwcl9zdHJdEgDyAhkKFDoaADxmbGFnXRIBMPICHgoUW0FEKUwwYWR2ZXJ0aXNlcl0SBgmNEPICHQoSFSEsY3JlYXRpdmVdEgc2CbwQ8gIoChEZXRxiaWRfaWRdElZzAZDFCgoSW05PVElGSUNBVElPTl9VUkldEq4KPGltZyBzcmM9aHR0JfModGFncy5tYXRodGEpcyhub3RpZnkvaW1nPyF0GD1hcG4mc18VC_BGaWQ9NWFXOTVxMmpMekl6THlBdlRXcEthMDVFWkdsT1YxbDBXbFJCTUUxRE1XaGFWMFpvVEZSQmQwMUVRWFJOUkVGM1RVUkIJEARkTgEQ8MlMekUzTlRRNU1Ea3pNRGsyT1RnMk56a3dNak12TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDFsQlFVUlJhRWQzUzE5NlpISk9ZMDlUTW0xbWRsUTVMVFU0V1RsUk1GQjNhelowVEd4MWJtZE9ibWN2TVM4eE15OHdMekF2T1RVMk9EQXpMekV6T0RnNE1EWTNNREV2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVFYUk5SRUYzVFVNd2QwAeQIZE1WESAARQUQBeQAVBX0DGN2TUMJfAkIZvwAyFlXMXpMekF2TXpndk1UWXZPVGs1THpNeU1pODRNaTR4T1RrdU1UTXdMakF2TUM0d01EQQEoZDNNRGt3TURZMk5DOHhOamN3T1RFek1qWTBMITgIekV3BQzody9YNTFydVp3a0k5X3ROZVZCQkxoVUtoUENTdFkmbm9kZWlkPTMzMDkmZ3JvdXA9Y2RnJmF1Y3Rpb25hIkpqAxBwYnNfYXIiACBzaGFyZGtleT1OPwAuiQMAY32zPGJwPWFfYWNjamVhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjYyJnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDZGl2IHdpZHRoPScxJyBoZWlnaHQ9JzEnIHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbic-AUNlbQB0BS40bGVmdDotMTBweDt0b3ANChAgcG9zaSFTJDphYnNvbHV0ZSdlnQwnaHR0ZZ4McGl4ZTYSBRRldmVudC9hnonaGDEzNjg4NzWBvJHaFDc2NCZ2MYHGBHYyUmsBLHYzPTY1MTg3MSZ2NJX9BHY1LiYFRG5zeW5jPTEmbm9fYXR0cj0xJy0lACc2DAEELz5S6AAAORHnAQmC5gBChAQZ5QB0Ia4obW1JbXBUcmFjayaViABiWoYCBHN0FdI4dGltZT1bSU1QX0FUVFIuAQ8AXS7aAnLTAPB5L2Rpdj6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDWoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKbh3liIBQGYBQCgBbz_ld2ayM3DPMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBkkgCLoHDwFSSBgAIAAwADi6BkAAyAeb8wXSBw0VgAFBCNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=baa391f27c3a3558cbecef3d525bddc0ffbab506&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dplxhds%26e%3D1524064857105,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dplxhds%26e%3D1524064857105&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=plxhds&e=1524064857105
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
AN-X-Request-Uuid
cfb97e71-df2d-4023-bd52-9cf3fb150b0f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view.aspx
pb.media01.eu/ Frame 2C12
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=29815100008565000951433012172006&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29815100008565000951433012172006&actionid=981741&produktid=&dt_url=
0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29815100008565000951433012172006&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=5908056464903&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 03:04:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 13 Dec 2022 04:04:25 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Tue, 13 Dec 2022 03:04:25 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=29815100008565000951433012172006&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
52C7822D:E3A2_91EFC182:01BB_6397EBB9_67959EE:4674
index.html
www.parship.de/wplp/htlp/de/ Frame A0CE
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=29815100008565000951433012172006&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
558 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=5908056464903&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control
max-age=30, stale-if-error=432000
cf-cache-status
HIT
cf-ray
778b78e8fd6d23c3-LHR
content-encoding
gzip
content-length
325
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Mon, 28 Feb 2022 14:30:12 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 03:04:25 GMT
location
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server
nginx
server-id
13
x-robots-tag
noindex, nofollow
request_content.php
hal90006.redintelligence.net/ Frame 1A9C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=78aec0932c&subid=&uid=ef3f315eae9a66bd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7519516833810243741%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=5908056464903&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
046cbfa5a2f211d1b0d39749ec436ffb30424d3aa9ccab4a3f8aaa6e033fecc3

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2049
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 03:04:25 GMT
Expires
Tue, 13 Dec 2022 03:04:25 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame C176 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=29815100008565000951433012172006&pv=1
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-134-223.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
native.png
ad-server.eu/wm/pb/ Frame C176
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29815100008565000951433012172006
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=29815100008565000951433012172006
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:07:44 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
52C7822D:E3AC_91EFC182:01BB_6397EBB9_679DBD7:4673
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
rd_log
ams3-ib.adnxs.com/ Frame C176 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKQFeiQCgAAAwDWAAUBCLjX35wGEPmZ4sOj45z7MRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0NAHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeOHxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNzUxOTUxNjgzMzgxMDI0Mzc0MfICzQEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq4BaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9MjQ3NDMwNzg5MDc1NDEwNzc1MyZtdF9haWQ9NzUxOTUxNjgzMzgRfjQmbXRfaWQ9NjYyMjM5NgEOJGFkaWQ9MjE2NTMFDyhzaWQ9NDU2MjMxMgEeFGV4aWQ9MQVSGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FzxnZHByX3N0cl0SAPICGQoUOhoAPGZsYWddEgEw8gIeChRbQUQpTDBhZHZlcnRpc2VyXRIGCY0Q8gIdChIVISxjcmVhdGl2ZV0SBzYJvBDyAigKERldHGJpZF9pZF0SVnMBkL8NChJbTk9USUZJQ0FUSU9OX1VSSV0SqA08aW1nIHNyYz1odHQl8yh0YWdzLm1hdGh0YSlzKG5vdGlmeS9pbWc_IXQYPWFwbiZzXxUL0GlkPTVhVzk1cTJqTHpJekx5QXZUa2ROZUUxSFdUVlBSMDEwVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEABVERAJIPC8THpjMU1UazFNVFk0TXpNNE1UQXlORE0zTkRFdk5qWXlNak01Tmk4ME5UWXlNekV5THpFekwxbEJRVVJSYUVkM1MxOTZaSEpPWTA5VE1tMW1kbE5DTUZSVFFuaFlhekprVFRVMGFWRTJVMUY0Y1RBdk1TOHhNeTh3THpBdk9UVTJPREF6THpFek9EZzRNRFkzTURFdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFdQMTXdkMAHkCGRNVhEgAEUFEDr0AAxjdk1DCXwJCGb8AMhlbkpvTHpBdk16Z3ZNVFl2T1RrNUx6TXlNaTg0TWk0eE9Ua3VNVE13TGpBdk1DNHdNREEBKGQzTURrd01EWTJOQzh4Tmpjd09URXpNalkwTCE4CHpFdwUM8D53L1MyZGYydGtMaU1yYTRmNzMxMmpzbUxfUE9TRSZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmlkPTdKagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWNjamVhJm1pbl9B-SR3aW49JHtBVUNUQdvwZU1JTl9UT19XSU59Jm5meV9hY3Q9TEQ1d2V3JmJmaXA9MTg1LjI5LjEzMi45OCZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ3NjcmlwdCBzcmM9J2h0dGUuNHMudXBkYXRlLm1lZGlhLjcDYDIvNjE5NjIxL2FuYWx5dGljcy5qcz9kdD0JF2QxNTU2MTQwMjQ2NzQwMDAwJnBkPWF2dCZkaWmKDCUzQS86fwUwJnVpPTRjMTBmOThjLQE0OgUAEQEYJmFwPSZ0aVJVAchwdj1kZDRmZmZlMy1mYjE1LTRjODAtYWJjOC04YTAwNGMwYjYzNmImcHA9MTAyNjQmc3KB_qhkZT00MzAwMyZzaT01NjI2ODkxJmRtPTMwMHg2MDAmYWM9NjUxODcxJmNytVsEYWmxVgRjMbVSHHIxPTgyLjE5IX5kMC4wJnIyPSZyMz0nIGFzeW5jPSd0cnVlJz4hbggvc2MhbwUMCGRpdi2TDCcxJyAtlQELkHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbicFQ4XnCS40bGVmdDotMTBweDt0b3ANChAgcG9zaUHNJDphYnNvbHV0ZSelFzXqDHBpeGU2jAYUZXZlbnQvoRjJVBgxMzY4ODc1wSDRVBQ3NjQmdjEhQgR2MlKQAQR2MzE6BHY0NSUEdjU1RQxtdF9uJRosMSZub19hdHRyPTEnVgwBAC9W6AAAORHnAQmC5gAAdD7-BRnlAHRhKChtbUltcFRyYWNrJtUCAGJaAAQEc3QV0jh0aW1lPVtJTVBfQVRUUi4BDwBdLlQEctMA8EMvZGl2PoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNOFl08FI0NagEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEppC7tgGIBQGYBQCgBeny4OqsvaCrIsAFAMkFAAAAAAAA8D_SBQkJAAUMeAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYJJCzwP9AG-asB2gYWChAJEhkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjZlWgi6Bw8BUggYACABrjC6BkAAyAfh8QXSBw0JEUMBQQjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=7cbdab6ac58010c74bb34f9e19f353668a60176c&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsutyqaxnfc%26e%3D1524064857105&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
AN-X-Request-Uuid
4f1ca5b2-8717-41f5-b2ac-77d2d9d8b431
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?oz_pl=1&ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//friends.in.ua/&ui=4c10f98c-0000-0000-0000-000000000000&ap=&ti=7519516833810243741&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&pp=10264&sr=13&de=43003&si=5626891&dm=300x600&ac=651871&cr=6622396&ai=216536&c1=4562312&r1=82.199.130.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:24 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.86.0/ Frame C176 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//friends.in.ua/&ui=4c10f98c-0000-0000-0000-000000000000&ap=&ti=7519516833810243741&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&pp=10264&sr=13&de=43003&si=5626891&dm=300x600&ac=651871&cr=6622396&ai=216536&c1=4562312&r1=82.199.130.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4cf8b51ee99974fc1dcbb68bf4cf750c294a98ff687ca27a391151974145f4cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54882
Expires
Thu, 20 Aug 2054 19:13:25 GMT
view.aspx
pb.media01.eu/ Frame 1AA4
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=62272200006256900951433012172009&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=62272200006256900951433012172009&actionid=981741&produktid=&dt_url=
0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=62272200006256900951433012172009&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=6099865048724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 03:04:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 13 Dec 2022 04:04:25 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Tue, 13 Dec 2022 03:04:25 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=62272200006256900951433012172009&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
52C7822D:E3A0_91EFC182:01BB_6397EBB9_67A5E98:4678
index.html
www.parship.de/wplp/htlp/de/ Frame 1E8B
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=62272200006256900951433012172009&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
558 B
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=6099865048724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control
max-age=30, stale-if-error=432000
cf-cache-status
HIT
cf-ray
778b78e8fd6c23c3-LHR
content-encoding
gzip
content-length
325
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Mon, 28 Feb 2022 14:30:12 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 03:04:25 GMT
location
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server
nginx
server-id
13
x-robots-tag
noindex, nofollow
request_content.php
hal90009.redintelligence.net/ Frame 5B6E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=qfqcwu936glt&nw=20&renderingType=javascript&namespace=3f91bafc21&subid=&uid=5d765cb73672b556&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6366595329203396825%26mt_id%3D6622396%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&ancestorOrigins=https%3A%2F%2Fsholke.com%2Chttps%3A%2F%2Ffriends.in.ua&random=6099865048724&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a0184fae46bbb8cf85853992e0511bfbc9287e982165f7b43db574a956990b48

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2049
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 03:04:25 GMT
Expires
Tue, 13 Dec 2022 03:04:25 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 3428 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=62272200006256900951433012172009&pv=1
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-134-223.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
native.png
ad-server.eu/wm/pb/ Frame 3428
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=62272200006256900951433012172009
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=62272200006256900951433012172009
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:07:44 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
52C7822D:E3C8_91EFC182:01BB_6397EBB9_67A5E99:4678
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
rd_log
ams3-ib.adnxs.com/ Frame 3428 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKWEugWCQAAAwDWAAUBCLjX35wGEOXj9q6q8Kn7TRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0NAHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeND2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNjM2NjU5NTMyOTIwMzM5NjgyNfICzQEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq4BaHR0cHM6Ly9waXhlbC5tYXRodGFnLmNvbS9jbGljay9pbWc_ZXhjaF9haWQ9MTE5MzMzMzkzNzYyNjE1NjE0MSZtdF9haWQ9NjM2NjU5NTMyOTIRfjQmbXRfaWQ9NjYyMjM5NgEOJGFkaWQ9MjE2NTMFDyhzaWQ9NDU2MjMxMgEeGGV4aWQ9MTMBCxhpbmFwcD0wAQtEb3M9JnJlZGlyZWN0PfICFwoTORc8Z2Rwcl9zdHJdEgDyAhkKFDoaADxmbGFnXRIBMPICHgoUW0FEKUwwYWR2ZXJ0aXNlcl0SBgmNEPICHQoSFSEsY3JlYXRpdmVdEgc2CbwQ8gIoChEZXRxiaWRfaWRdElZzAZDFCgoSW05PVElGSUNBVElPTl9VUkldEq4KPGltZyBzcmM9aHR0JfModGFncy5tYXRodGEpcyhub3RpZnkvaW1nPyF0GD1hcG4mc18VC9BpZD01YVc5NXEyakx6SXpMeUF2VGtkTmVFMUhXVFZQUjAxMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAAVREQCSDwvEx6WXpOalkxT1RVek1qa3lNRE16T1RZNE1qVXZOall5TWpNNU5pODBOVFl5TXpFeUx6RXpMMWxCUVVSUmFFZDNTMTk2WkhKT1kwOVRNbTFtZG1VNGExaEVNMk01YURObVJub3lUbE5JTlVZMFgzTXZNUzh4TXk4d0x6QXZPVFUyT0RBekx6RXpPRGc0TURZM01ERXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFURXUDE13ZDAB5AhkTVYRIABFBRA69AAMY3ZNQwl8CQhm_ADIZW5Kb0x6QXZNemd2TVRZdk9UazVMek15TWk4NE1pNHhPVGt1TVRNd0xqQXZNQzR3TURBAShkM01Ea3dNRFkyTkM4eE5qY3dPVEV6TWpZMEwhOAh6RXcFDOh3L09TRDRrZEM1NTJjNFZEdWY1ZWVzNHU0VlM3VSZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmFQSmoDEHBic19hciIAIHNoYXJka2V5PU4_AC6JAwBjAWNJ90AmYnA9YV9hY2NqZWEmbWluX0H5IHdpbj0ke0FVQ0Xb8JVNSU5fVE9fV0lOfSZuZnlfYWN0PUxENXdldyZiZmlwPTE4NS4yOS4xMzUuNjkmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJz4BQ2VtAHQFLjRsZWZ0Oi0xMHB4O3RvcA0KECBwb3NpIVMkOmFic29sdXRlJ2WdDCdodHRlngxwaXhlNhIFEGV2ZW50ZZ6J2hgxMzY4ODc1gaaR2hQ3NjQmdjGBxgR2MlJrASx2Mz02NTE4NzEmdjSV_QR2NS4mBURuc3luYz0xJm5vX2F0dHI9MSctJQAnNgwBBC8-UugAADkR5wEJguYAAHQ-hAQZ5QB0Ia4obW1JbXBUcmFjayaViABiQSNKhgIEc3QV0jh0aW1lPVtJTVBfQVRUUi4BDwBdLtoCctMA8HkvZGl2PoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40NagEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEpuHeWIgFAZgFAKAF7ZiA1czc5McQwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWL60v6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Ab5qwHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcGSSAIugcPAVJIGAAgADAAOLoGQADIB9D2BdIHDRWAAUEI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=21a8c165c6a7fd14f87135d37cb8a3f289ebe4f8&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dxixwrtz%26e%3D1524064857105&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=xixwrtz&e=1524064857105
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
AN-X-Request-Uuid
4b0d24cb-d66b-4f9c-b8c5-1c23767887f8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 0CFC 		0
832 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLwCvBMcAUAAAMA1gAFAQi419-cBhCBsJfr8ua1vikYvI6Ztpziz4BuKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQhwM8R89kz8py7kJJAAxARv04gHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeJvzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VFdwS2EwNUVaR2xPVjFsMFdsUkJNRTFETVdoYVYwWm9URlJCZDAxRVFYUk5SRUYzVFVSQmQwMUVRWGROUkVGM0x6RTNOVFE1TURrek1EazJPVGcyTnprd01qTXZOall5TWpNNU5pODBOVFl5TXpFeUx6RXpMMWxCUVVSUmFFZDNTMTk2WkhKT1kwOVRNbTFtZGxFelMyZ3pjbDlGVDB4YVlXNUhNM2xZU2pkRGRXOHZNUzh4TXk4d0x6QXZPVFUyT0RBekx6RXpPRGc0TURZM01ERXZNakUyTlRNMkx6WTFNVGczTVM4eEx6QXZNQzlOUkVGM1RVUkJkMDFFUVhSTlJFRjNUVU13ZDAF1ARNVhHkAEUFEAROUhEQJQQMY3ZNQwl8CQgURTNOVFE1TvwAyFlXMXpMekF2TXpndk1UWXZPVGs1THpNeU1pODRNaTR4T1RrdU1UTXdMakF2TUM0d01EQQEoYDNNRGt3TURZMk5DOHhOamN3T1RFek1qWTAlOAh6RXcFDPBYdy9IY1RJZ04xV1VpQzB2STlaNGhmYWFjZmpLTDgmbm9kZWlkPTMzMDkmZ3JvdXA9Y2RnJmF1Y3Rpb25pZD0xNzU0OTA5MzA5Njk4Njc5MDIzJnBic19hdWNqIgAcc2hhcmRrZXlWPwDwfXJpY2U9JHtBVUNUSU9OX1BSSUNFfSZicD1hX2FjY2plYSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTM1LjYyJnNpZD00NTYyMzEyJmNpZD02NjIyMzk2JnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzE3NT7PAKgaEzI5ODk1MDA4ODQ2NTE5ODg5OTMiCTM4MjY1MDQwNioGMTAxOTM2Ogc2CWPwYcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40NagEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEhTBYiAUBmAUAoAW8_5XdmsjNwzzABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYvrS_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmrAdoGFgoQCRIZAYAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8BUkgYACAAMAA4ugZAAMgHm_MF0gcNFYABQQjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=8c3c0f59e2ca9883f077cfc6961856fd99f76b34&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8161336941620652340&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
AN-X-Request-Uuid
1d9cc815-1ddf-41bc-8b71-2ccc490e0906
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame C176 		0
832 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLoCuhoBQAAAwDWAAUBCLjX35wGEPmZ4sOj45z7MRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0BQHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeOHxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtkTmVFMUhXVFZQUjAxMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SARAMVVJCZAUQ8LZkTlJFRjNMemMxTVRrMU1UWTRNek00TVRBeU5ETTNOREV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDFsQlFVUlJhRWQzUzE5NlpISk9ZMDlUTW0xbWRsSm9kSEZwTVY5MFVuTTFYelEwWWxaVGNqRkhjVUV2TVM4eE15OHdMekF2T1RVMk9EQXpMekV6T0RnNE1EWTNNREV2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlIyxAAAUgXEDFRVTXcN1ARNVhEgDEUxRVEN5Bn0FGN2TUM4dwF8CQhm_AAMZW5KbwUo8E96Z3ZNVFl2T1RrNUx6TXlNaTg0TWk0eE9Ua3VNVE13TGpBdk1DNHdNREF2TVRZM01Ea3dNRFkyTkM4eE5qY3dPVEV6TWpZMEx6RXpMekV3TQEM8Fh3L2NLTXlWUFMxTVV2M0FGTUZ6Q2dBLVpMT3RCOCZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmlkPTc1MTk1MTY4MzM4MTAyNDM3NDEmcGJzX2F1Y2oiABxzaGFyZGtleVY_APB9cmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWNjamVhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzIuOTgmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNzUxPs8AqBoTMzYwMDE5MTUwODU4MzA1ODY4MSIJMzgyNjUwNDA2KgYxMDE5MzY6BzYJY_BhwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjQ1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFMFiIBQGYBQCgBeny4OqsvaCrIsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi6BkAAyAfh8QXSBw0VgAFBCNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=a3a498075133b556cff670a0518183e1df1d9c4d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8161336941620652340&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
AN-X-Request-Uuid
e5a8d317-78e7-45ff-8eaf-970613ac66d7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 3428 		0
832 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLoCuhoBQAAAwDWAAUBCLjX35wGEOXj9q6q8Kn7TRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0BQHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeND2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtkTmVFMUhXVFZQUjAxMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SARAMVVJCZAUQ8LZkTlJFRjNMell6TmpZMU9UVXpNamt5TURNek9UWTRNalV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDFsQlFVUlJhRWQzUzE5NlpISk9ZMDlUTW0xbWRscHBNelJzVm5BM1NtOTVOSHBtVEZSS1dFWjJiR3N2TVM4eE15OHdMekF2T1RVMk9EQXpMekV6T0RnNE1EWTNNREV2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlIyxAAAUgXEDFRVTXcN1ARNVhEgDEUxRVEN5Bn0FGN2TUM4dwF8CQhm_AAMZW5KbwUo8E96Z3ZNVFl2T1RrNUx6TXlNaTg0TWk0eE9Ua3VNVE13TGpBdk1DNHdNREF2TVRZM01Ea3dNRFkyTkM4eE5qY3dPVEV6TWpZMEx6RXpMekV3TQEM8Fh3L3ZxRnR4R29NTzBXVE12U292RGdVaFFWN3BCNCZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmlkPTYzNjY1OTUzMjkyMDMzOTY4MjUmcGJzX2F1Y2oiABxzaGFyZGtleVY_APB9cmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWNjamVhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzUuNjkmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNjM2Ps8AqBoTNTYxNzg2MTc2NDc2MTYyOTE1NyIJMzgyNjUwNDA2KgYxMDE5MzY6BzYJY_BhwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjQ1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFMFiIBQGYBQCgBe2YgNXM3OTHEMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi6BkAAyAfQ9gXSBw0VgAFBCNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=2e90f588b6df36e843abc5521b57ae288fec5ad0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8161336941620652340&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
AN-X-Request-Uuid
7a5a3e4b-a3c0-498d-a4fc-ce43830d9f34
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfserve/ Frame 2FF4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=58871330;rtbwp=awkkLAPbe_0lwkEx38vCJ4JzsA9WBZfr8M4wPg;rtbdata=xyM5PMf_e7HMNJiEZyaoh34DzZ_1c6RvttvmmmYAHQrjw8f5yuW2b98e2NGQNPpHo6lrrtXl9r10TwS1CH1FAv18cWo3qXfQQQj86ERciR9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZ2yZ_uCUCXkYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671VyeheoegvN1zZPSVCRcBPzE1;js=1;adfxid=1x;7973;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9ad687807321452b0610d488442ff3d2985aea4d8ea47c042bc1fee01d5c6fe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2217
expires
-1
/
track.adform.net/adfserve/ Frame 3443 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=58441608;rtbwp=fDlGELgw_LYpPWbcaRLTo71WBq8Wwe88HLYMgA;rtbdata=EgHIUscw8nuwzdRJYb7m9YozsmgFr4h66kkrem_n4pWYKyY27RLn2--7UQrQavP22hj6R4ZnCmZlEYXDnAyctXSPuRfwq2U-0tZ2gHoqt3dwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufbTxdNCFNgtsYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1;js=1;adfxid=2x;2474;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
71cf32b72e7ba3d86950ab7ba544e2744b53d885b3230272a9c70e732ef3f9ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2229
expires
-1
css
fonts.googleapis.com/ Frame 7F93 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 02:03:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 03:04:25 GMT
/
hal9000.redintelligence.net/scale/ Frame 7F93 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ccc060ff9befb6e531d0c1eb0131436c3aca774c1e166f38460d5da86116a902

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
51128
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7F93 		93 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
751bf52105d41100531cfd0879ade4c5af4ad8062af7a4e98c2de400379b7240

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7F93 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8d3e0a03224a6b4337ccb2119188643951d7fb506bba41a9e32188b16be8c922

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
34970
Vary
Accept-Encoding
Content-Type
image/png
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?oz_pl=1&ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//friends.in.ua/&ui=4c10f98c-0000-0000-0000-000000000000&ap=&ti=7519516833810243741&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&pp=10264&sr=13&de=43003&si=5626891&dm=300x600&ac=651871&cr=6622396&ai=216536&c1=4562312&r1=82.199.130.0&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:24 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
css
fonts.googleapis.com/ Frame 1A9C 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 02:14:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 03:04:25 GMT
/
hal9000.redintelligence.net/scale/ Frame 1A9C 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ccc060ff9befb6e531d0c1eb0131436c3aca774c1e166f38460d5da86116a902

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
51128
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1A9C 		93 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
751bf52105d41100531cfd0879ade4c5af4ad8062af7a4e98c2de400379b7240

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1A9C 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8d3e0a03224a6b4337ccb2119188643951d7fb506bba41a9e32188b16be8c922

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
34970
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 5B6E 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 03:04:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 03:04:25 GMT
/
hal9000.redintelligence.net/scale/ Frame 5B6E 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ccc060ff9befb6e531d0c1eb0131436c3aca774c1e166f38460d5da86116a902

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
51128
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5B6E 		93 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
751bf52105d41100531cfd0879ade4c5af4ad8062af7a4e98c2de400379b7240

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5B6E 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8d3e0a03224a6b4337ccb2119188643951d7fb506bba41a9e32188b16be8c922

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
34970
Vary
Accept-Encoding
Content-Type
image/png
/
track.adform.net/adfserve/ Frame 84E2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=56588294;rtbwp=5gcch0fRL-fyzPOzRMHXEzR4Q1prnYd_Tc_oQQ;rtbdata=dVWYmnj-zflUAf1Txsqp5Ub7XDhUkMlG3XZz0AVMArHLfvca8RlJqeJP3jCI3qERBLOwN9YqiXvKc8PD78MKgOVRhDgrzx29I415sj83Pk1wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufYfohmA3MpgH4y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V6EuVBWCp8k1ZPSVCRcBPzE1;js=1;adfxid=3x;7207;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f1f61b10a0645c5356fceeefc138dff4a4625d75d9cea1b09cad48b86dc37b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2228
expires
-1
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900665398&oz_l=217&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:24 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
async_usersync
ib.adnxs.com/ Frame 32F1 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:25 GMT
AN-X-Request-Uuid
db05d8eb-878c-4e10-b323-1c40ec3d7615
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfserve/ Frame C5EF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=57837237;rtbwp=OlbxoM4ZynxiPucwEpyFw0J3LY6zy__IX4olQQ;rtbdata=3XPskYh16vZAUWZvSzSZLSx2mumz4b3pnxOBaxOs8ORSUNHAL37Y06Q-fy_RuKbl2l5BmovERcqYjHBVjaY4p6BKed6m-K1obc5MbjISijVwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaKYl9twExy74y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_YKLMr5O4ZVNZPSVCRcBPzE1;js=1;adfxid=4x;2619;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3f97196abc05431efe376e2576d7fe7acd76cce8644b62a0c38bb5ab8dd714d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2224
expires
-1
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 2FF4 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:25:15 GMT
/
track.adform.net/adfserve/ Frame D238 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=57837237;rtbwp=OKUyPh807jSpmgUKHWyEtdCzZce2ZXAhmC4kkA;rtbdata=NNFYuMWAQnPtYeQBp6e04dSs5SUnb2g2AkyxuufZQ5Odtdw1azOZnBj85PPOzRRFVyT7TpbVGOI6SIahnz3ghiwtjqI06TEx9DrP2HGGHdFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZjZDel7w-fQoy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_aEuVBWCp8k1ZPSVCRcBPzE1;js=1;adfxid=5x;8061;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0f8e985d5a1ae9dc83e399713db9778b284256e4b88f0ac10e9ee55727fa86eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2219
expires
-1
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 3443 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:25:15 GMT
/
track.adform.net/adfserve/ Frame D412 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=57894125;rtbwp=soOWlH_GRzEhG-lZ9sNIVtsf1mAa9AEH6gpAbg;rtbdata=kOehyWS82X-DhlkeCd3s0lcsotEki1H2s1GwlNU0x3zUjXYRxN4kjsaVYKlH7quXcD7RnWuKfmsDrig4-qo_N9l_KU8WH-XRSwmGgMrdL3twGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaxTtEYB4XzvIy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1;js=1;adfxid=6x;8989;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1563d03e3be2260354796af9aaf4526a96a6ac554badbd372183a4214308ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2220
expires
-1
c72c7803-0d45-4093-a063-61684222e8d0
https://sholke.com/ Frame 5BCC 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://sholke.com/c72c7803-0d45-4093-a063-61684222e8d0
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=sutyqaxnfc&e=1524064857105
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 84E2 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:25:15 GMT
/
track.adform.net/csimpr/ Frame 2FF4 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=58871330&csi=tP5mOb0EusAx72B6yzCxSa-1iTFbtf52paXKYiRP-77ZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
55972220.png
s1.adform.net/Banners/55972220/ Frame 2FF4 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/55972220/55972220.png?bv=2
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2d284602d2d27bad157f100cbf68798f37236b4597cfcded6c62f2e54e6240e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Thu, 20 Oct 2022 10:43:53 GMT
server
nginx
x-amz-request-id
tx0000001e81197ce15dfe5-006397b329-329373d4-default
etag
"d43a8a69285b7bc975e99d5980378c81"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34944
viewability
hal90006.redintelligence.net/ Frame 1A9C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/viewability?s=29815100008565000951433012172006&a=2a84c89b&vb=m
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900026.redintelligence.net/ Frame 7F93 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=41535200007297500951433012172026&a=5f45373a&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=41535200007297500951433012172026&a=2347597a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame C5EF 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:25:15 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame D238 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:25:15 GMT
viewability
hal90009.redintelligence.net/ Frame 5B6E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=62272200006256900951433012172009&a=f02eabeb&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame D412 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 06:25:15 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1A9C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90006.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:24:52 GMT
x-content-type-options
nosniff
age
459573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 1A9C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90006.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
221610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 13:30:55 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7F93 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900026.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:24:52 GMT
x-content-type-options
nosniff
age
459573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7F93 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900026.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
221610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 13:30:55 GMT
/
track.adform.net/csimpr/ Frame 3443 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=58441608&csi=U0b7f4RuLYFX3HqYaM-cxCVt8nVU1Y_XUfmJnywTCffZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
55765898.png
s1.adform.net/Banners/55765898/ Frame 3443 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/55765898/55765898.png?bv=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3efab841da903d70479c8bdf811f5b0c78b6495ae24cf3865269cbd9ca8bc747

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Tue, 04 Oct 2022 10:18:47 GMT
server
nginx
x-amz-request-id
tx00000703f9030792a3ae6-006397b32f-32941e2b-default
etag
"a52f03fac7cd5ab678e51b019f239ef8"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
34822
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5B6E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 19:24:52 GMT
x-content-type-options
nosniff
age
459573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 5B6E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
221610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 13:30:55 GMT
/
track.adform.net/csimpr/ Frame 84E2 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=56588294&csi=VXYdwi9f5tiYQhv-iKqLuxbjWuAJ8_4iZ1RukAKDBRDZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
54496767.png
s1.adform.net/Banners/54496767/ Frame 84E2 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/54496767/54496767.png?bv=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
578772ec6fa8a6583f97b0c4a7592279c79a9217a588000b6cd82d05ec71931b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Mon, 11 Jul 2022 09:51:03 GMT
server
nginx
x-amz-request-id
tx00000ead4ab6eb536dc73-006397b393-32940f80-default
etag
"99025ed88202f6fc87aab4e0be863fee"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
86160
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900665640&oz_l=4701&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:24 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ Frame 5BA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=4054321052521098&bg=!e3ileDzNAAYgquz3AKo7ACkAdvg8WnvwHKV7XDeYBQKmlZUq6ERAQROVDtjo91eFiZQQBcpTbWsR5AIAAABrUgAAAARoAQeZAtIx6wVMHy54WnZaQCByvsCMGR-u4HxDs1eEYskN7g-2BhnDNEVfJs3iM7_FguTZ2j5P1QC66atimwEJmfRkKEyhxv_c6nQN1z0V3xbWXyiI4sAenP40rdSqd0W-XEdYJNBx1VR1yt3asnEle4b56a4bv736160iS9RJvfnPHMemniMuo0EDdv6MvdYAzIUuFz6vxX5S_UVZDSCqgtKrCKFjgRMPHKtg9ooAe8oM_PMx8XTfxUf2SQEbQHa6PTolOBraWSzeG2n4Z9nDaVALXYKj4Dl9UzQKqwrLw4_pWoL9RNCkAN1kN-QSbd8I_adczwlOy4R_BcKLicp5Q0kWRqWsRgyHZcwDkeQ7Nqyvh58Z9buG0e89Fmr191dDtKhgil9T8vTdb1tJv2S0n7RijzD34wdohu4mBTPQQov_76fUmmt-mrJnxqJeuWjIhrm1W_j1WjKIt105Byqf8q32VAauhUyBAiQGhAg2GuhBq_KS2fdGPHzBY2bT-zkW4dyFlFZYZ0a_gcDATgT2aYKM6L20lpwpV8-LIDoaPxUWwgvq5BJYunZvwB5oriabbfdhJZJALCMg7aj4yfvCuvLYq31YWUnPQT90K-hL-b0F9-Tmt7ZyEiA65Xv_h7K4S4wxZKE7AmyzsFATBup0EBkc2wAyy0zHx3ytzh88V_0mshSToJiUUjEMzzUpwaPemtvHqmkQjsIX_9HnoR-s_IiQsHdEoRdzXl4mTnrEapsO4XCgVr1ZvsUPGpSBZMfpqwCCo-07WcYIHRVx9FvfOpIc8dZYyqWox7z6g2gb_JEPiTNN0uDUaqRmx_85whJi6mO9R_qHOIapufw5pt1fh81qClm9DOjdycCgOd-MtT3NWK43m3hXxf7hAlCOxSqxLZooJkP3wIy0TV9TOQWeol0pdlgnB9jkkgdfkhpOAOQj6d-ul0jAfxgj7hOWcn_a0gX20to1Mw
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
track.adform.net/csimpr/ Frame C5EF 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=57837237&csi=tu4jfLk2dTMmVQJbPkWwDtcMM88d2zKyIFKk6AqcwXHZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
55404626.png
s1.adform.net/Banners/55404626/ Frame C5EF 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/55404626/55404626.png?bv=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bf96081284956723e8c96dc1cb4f3cd6a0beb99f0eec0d75d5a6695110dd5222

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Thu, 08 Sep 2022 08:11:15 GMT
server
nginx
x-amz-request-id
tx00000fb099eb27d010abb-006397b311-32940f80-default
etag
"6c65645477686501238b625a039bb902"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16655
55404626.png
s1.adform.net/Banners/55404626/ Frame D238 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/55404626/55404626.png?bv=1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bf96081284956723e8c96dc1cb4f3cd6a0beb99f0eec0d75d5a6695110dd5222

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Thu, 08 Sep 2022 08:11:15 GMT
server
nginx
x-amz-request-id
tx00000fb099eb27d010abb-006397b311-32940f80-default
etag
"6c65645477686501238b625a039bb902"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
16655
/
track.adform.net/csimpr/ Frame D238 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=57837237&csi=PN2mha_IwnTIGtQ4YxuY7zgIVnvHntY8IFKk6AqcwXHZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
action
www8.smartadserver.com/track/ Frame CC6B 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1670900664426&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=5984865838759437502&rtbet=0&rtblt=638064974642583728&rtbnid=1999&rtbh=6c76e1b31d87a9f1b50e3d9f55e8ddc7f3f0f678&ts=1670900664426
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
transfer-encoding
chunked
content-type
image/gif
action
www8.smartadserver.com/track/ Frame 8084 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1670900664458&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=356589248344289426&rtbet=0&rtblt=638064974642695369&rtbnid=1999&rtbh=8d62b6c147404917b5dd6736e9f8a057a8c9994d&ts=1670900664458
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
transfer-encoding
chunked
content-type
image/gif
/
track.adform.net/csimpr/ Frame D412 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=57894125&csi=PN2mha_IwnQGPbYj7ct_aOV-9w6Oe6-9hhDLEPauob3ZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
55461688.png
s1.adform.net/Banners/55461688/ Frame D412 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/55461688/55461688.png?bv=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c424e173beea5acb5e7c66ee66f9af4fff6aa67a45ca8dcbaae2e28d183e7023

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
last-modified
Mon, 12 Sep 2022 11:05:33 GMT
server
nginx
x-amz-request-id
tx000001495275d4642904a-006397b313-329373d4-default
etag
"fb578c80357dbc7854450196ad5410ba"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28088
action
www8.smartadserver.com/track/ Frame 161F 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1670900664469&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=4903908897400365019&rtbet=0&rtblt=638064974643483052&rtbnid=1999&rtbh=0d5fe7185bcbf8eaf5efc7d619c9fac4241b7869&ts=1670900664469
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
transfer-encoding
chunked
content-type
image/gif
action
www8.smartadserver.com/track/ Frame 8056 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1670900664536&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=3180657416585930360&rtbet=0&rtblt=638064974644381692&rtbnid=1999&rtbh=45fb2f6026a292175ead300b57a79e0c8b517656&ts=1670900664536
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
transfer-encoding
chunked
content-type
image/gif
action
www8.smartadserver.com/track/ Frame B9A1 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1670900664564&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=3928367797869161337&rtbet=0&rtblt=638064974644761450&rtbnid=1999&rtbh=2b8b9241e452464d58f0244d5054577e1e0765bf&ts=1670900664564
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
transfer-encoding
chunked
content-type
image/gif
action
www8.smartadserver.com/track/ Frame D06A 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www8.smartadserver.com/track/action?sid=1670900664629&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=9222696962472462426&rtbet=0&rtblt=638064974645225223&rtbnid=1999&rtbh=b8b7775a4eb2aa8bfe4b83efb810a8c5ad5d988f&ts=1670900664629
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
transfer-encoding
chunked
content-type
image/gif
peg_logger.js
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 1E8B 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 12:34:09 GMT
x-content-type-options
nosniff
server
cloudflare
age
56703
etag
W/"63874dc1-2fc0"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
778b78e98dbf23c3-LHR
expires
Mon, 12 Dec 2022 12:57:51 GMT
pegtracking_combined.js
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 1E8B 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 07:17:58 GMT
x-content-type-options
nosniff
server
cloudflare
age
56703
etag
W/"633d2fa6-77ae"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
778b78e98dc023c3-LHR
expires
Tue, 13 Dec 2022 07:29:55 GMT
peg_logger.js
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 756E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 12:34:09 GMT
x-content-type-options
nosniff
server
cloudflare
age
56703
etag
W/"63874dc1-2fc0"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
778b78e99dc623c3-LHR
expires
Mon, 12 Dec 2022 12:57:51 GMT
pegtracking_combined.js
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 756E 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 07:17:58 GMT
x-content-type-options
nosniff
server
cloudflare
age
56703
etag
W/"633d2fa6-77ae"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
778b78e99dc723c3-LHR
expires
Tue, 13 Dec 2022 07:29:55 GMT
peg_logger.js
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame A0CE 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 12:34:09 GMT
x-content-type-options
nosniff
server
cloudflare
age
56703
etag
W/"63874dc1-2fc0"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
778b78e9add023c3-LHR
expires
Mon, 12 Dec 2022 12:57:51 GMT
pegtracking_combined.js
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame A0CE 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:25 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 07:17:58 GMT
x-content-type-options
nosniff
server
cloudflare
age
56703
etag
W/"633d2fa6-77ae"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
778b78e9add123c3-LHR
expires
Tue, 13 Dec 2022 07:29:55 GMT
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900665818&oz_l=3861&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:24 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
eum.min.js
eum.instana.io/ Frame 1E8B 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
535002
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
778b78eaddf74058-LHR
nvi
www.parship.de/nocache/ Frame 1E8B 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID&ref=https%3A%2F%2Fsholke.com%2F
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e336-7a92-11ed-b554-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cf-ray
778b78ea0e0223c3-LHR
content-length
15
eum.min.js
eum.instana.io/ Frame 756E 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
535002
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
778b78eaddf84058-LHR
nvi
www.parship.de/nocache/ Frame 756E 		15 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID&ref=https%3A%2F%2Fsholke.com%2F
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c49c6e-7a92-11ed-9804-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cf-ray
778b78ea1e0923c3-LHR
content-length
15
eum.min.js
eum.instana.io/ Frame A0CE 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
535002
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
778b78eaddf94058-LHR
nvi
www.parship.de/nocache/ Frame A0CE 		15 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID&ref=https%3A%2F%2Fsholke.com%2F
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cf-ray
778b78ea1e0e23c3-LHR
content-length
15
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900665972&oz_l=379&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
3de6f20e-4caf-46e2-9280-faa65ad06aa4
https://sholke.com/ Frame C176 		802 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://sholke.com/3de6f20e-4caf-46e2-9280-faa65ad06aa4
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0359b74bdc8a9ce5cf1f38a364b781b7169fe7892d7247cb4dbb2acc3cb07463

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
802
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua&bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c303ec3d579d216cb0f4d3f4752cba0479af240eded51d94e487022e1f055447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10966
x-xss-protection
0
stats
x01.aidata.io/ Frame FCF5 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/stats?pixel=VIBOOM&v=1670900664091&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=31be860044fa4dd8b3a2b93bc144f09b&__upin=dbLQMgBOPT9o3yyhTHDDVQ&id=53ffcc7e4bba25670a61925f212d9a9d&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
server
nginx
0.gif
x01.aidata.io/ Frame FCF5
Redirect Chain
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:26 GMT
last-modified
Tue, 13 Dec 2022 03:04:25 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Dec 2022 03:04:25 GMT

Redirect headers

Location
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date
Tue, 13 Dec 2022 03:04:26 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
pixel.js
x01.aidata.io/ Frame FCF5 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&url=https%3A%2F%2Ffriends.in.ua%2F&v=1670900666140&is_js_referrer=1&es_name=GA&es_uid=845992931.1670900663
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:26 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 03:04:25 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Dec 2022 03:04:25 GMT
pixel.js
x01.aidata.io/ Frame FCF5 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=53ffcc7e4bba25670a61925f212d9a9d&url=https%3A%2F%2Ffriends.in.ua%2F&v=1670900666140&is_js_referrer=1&es_name=YM&es_uid=1670900664880591006
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:26 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 03:04:25 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Tue, 13 Dec 2022 03:04:25 GMT
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900666122&oz_l=628&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua&bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 03:04:26 GMT
vevent
ams3-ib.adnxs.com/ Frame C176 		0
832 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLoCuhoBQAAAwDWAAUBCLjX35wGEPmZ4sOj45z7MRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0BQHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeOHxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtkTmVFMUhXVFZQUjAxMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SARAMVVJCZAUQ8LZkTlJFRjNMemMxTVRrMU1UWTRNek00TVRBeU5ETTNOREV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDFsQlFVUlJhRWQzUzE5NlpISk9ZMDlUTW0xbWRsSm9kSEZwTVY5MFVuTTFYelEwWWxaVGNqRkhjVUV2TVM4eE15OHdMekF2T1RVMk9EQXpMekV6T0RnNE1EWTNNREV2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlIyxAAAUgXEDFRVTXcN1ARNVhEgDEUxRVEN5Bn0FGN2TUM4dwF8CQhm_AAMZW5KbwUo8E96Z3ZNVFl2T1RrNUx6TXlNaTg0TWk0eE9Ua3VNVE13TGpBdk1DNHdNREF2TVRZM01Ea3dNRFkyTkM4eE5qY3dPVEV6TWpZMEx6RXpMekV3TQEM8Fh3L2NLTXlWUFMxTVV2M0FGTUZ6Q2dBLVpMT3RCOCZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmlkPTc1MTk1MTY4MzM4MTAyNDM3NDEmcGJzX2F1Y2oiABxzaGFyZGtleVY_APB9cmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWNjamVhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzIuOTgmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNzUxPs8AqBoTMzYwMDE5MTUwODU4MzA1ODY4MSIJMzgyNjUwNDA2KgYxMDE5MzY6BzYJY_BhwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjQ1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFMFiIBQGYBQCgBeny4OqsvaCrIsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi6BkAAyAfh8QXSBw0VgAFBCNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=a3a498075133b556cff670a0518183e1df1d9c4d&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8161336941620652340&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:26 GMT
AN-X-Request-Uuid
10760cdf-07b4-45a6-b134-16600741adeb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900666275&oz_l=10582&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
vevent
ams3-ib.adnxs.com/ Frame 3428 		0
832 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLoCuhoBQAAAwDWAAUBCLjX35wGEOXj9q6q8Kn7TRgAKjYJy7kUV5V9lz8RQhwM8R89kz8ZAAAAQDMzwz8hQg0SACkRJAAxARv0BQHheoQ_MIrYrwo4mFBAHUgIUKaQu7YBWIuylQFgAGj-4LABeND2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgPTBgqKBmh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtkTmVFMUhXVFZQUjAxMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk5SARAMVVJCZAUQ8LZkTlJFRjNMell6TmpZMU9UVXpNamt5TURNek9UWTRNalV2TmpZeU1qTTVOaTgwTlRZeU16RXlMekV6TDFsQlFVUlJhRWQzUzE5NlpISk9ZMDlUTW0xbWRscHBNelJzVm5BM1NtOTVOSHBtVEZSS1dFWjJiR3N2TVM4eE15OHdMekF2T1RVMk9EQXpMekV6T0RnNE1EWTNNREV2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlIyxAAAUgXEDFRVTXcN1ARNVhEgDEUxRVEN5Bn0FGN2TUM4dwF8CQhm_AAMZW5KbwUo8E96Z3ZNVFl2T1RrNUx6TXlNaTg0TWk0eE9Ua3VNVE13TGpBdk1DNHdNREF2TVRZM01Ea3dNRFkyTkM4eE5qY3dPVEV6TWpZMEx6RXpMekV3TQEM8Fh3L3ZxRnR4R29NTzBXVE12U292RGdVaFFWN3BCNCZub2RlaWQ9Mzc0NyZncm91cD16cmgmYXVjdGlvbmlkPTYzNjY1OTUzMjkyMDMzOTY4MjUmcGJzX2F1Y2oiABxzaGFyZGtleVY_APB9cmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWNjamVhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzUuNjkmc2lkPTQ1NjIzMTImY2lkPTY2MjIzOTYmc3JjPWFwaSZ0eXBlPW51cmwmY2xpZW50PXMycxITNjM2Ps8AqBoTNTYxNzg2MTc2NDc2MTYyOTE1NyIJMzgyNjUwNDA2KgYxMDE5MzY6BzYJY_BhwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA04Mi4xOTkuMTMwLjQ1qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASFMFiIBQGYBQCgBe2YgNXM3OTHEMAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-asB2gYWChAJEhkBgBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3MboHDwFSSBgAIAAwADi6BkAAyAfQ9gXSBw0VgAFBCNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=2e90f588b6df36e843abc5521b57ae288fec5ad0&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8161336941620652340&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:26 GMT
AN-X-Request-Uuid
5ab75642-8e47-4a39-a70c-69929e5082fe
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72C7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
12543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 23:35:23 GMT
expires
Tue, 12 Dec 2023 23:35:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B8EE 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1a1fab3243cc3f837b3e77a415c4745f0c73373d42990637e607961d24abbd39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gXBcvWQQgMC43bmIFN58rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-gXBcvWQQgMC43bmIFN58rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 03:04:26 GMT
expires
Tue, 13 Dec 2022 03:04:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 72C7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 22:38:25 GMT
async_usersync
ib.adnxs.com/ Frame 32F1 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:26 GMT
AN-X-Request-Uuid
1001fc89-eb2e-4a7c-9caa-3524f866c514
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900666471&oz_l=141&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
generate_204
tpc.googlesyndication.com/ Frame 72C7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?g6bqew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B8EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3278526591422257&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
viewability
hal90006.redintelligence.net/ Frame 1A9C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/viewability?s=29815100008565000951433012172006&a=2a84c89b&vb=v
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90006.redintelligence.net/request_content.php?s=29815100008565000951433012172006&a=79596e9a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal90009.redintelligence.net/ Frame 5B6E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=62272200006256900951433012172009&a=f02eabeb&vb=v
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=62272200006256900951433012172009&a=39f35660
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 03:04:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
track.adform.net/Serving/Event/ Frame 2FF4 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=58871330&event=178&time=2&baid=55972220&name=Viewable%20impressions&imprid=8196369333080461211&icid=0&eData=tP5mOb0EusD3xxi2AEEycjUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=xyM5PMf_e7HMNJiEZyaoh34DzZ_1c6RvttvmmmYAHQrjw8f5yuW2b98e2NGQNPpHo6lrrtXl9r10TwS1CH1FAv18cWo3qXfQQQj86ERciR9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZ2yZ_uCUCXkYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671VyeheoegvN1zZPSVCRcBPzE1&rtbwp=awkkLAPbe_0lwkEx38vCJ4JzsA9WBZfr8M4wPg&rnd=704846009
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 2FF4 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@58871330,8196369333080461211,100|1090|0|0|0|0|0|0|0||43|1|||||1|0|0|IFnaS8MEIS7i5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 84E2 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=56588294&event=178&time=2&baid=54496767&name=Viewable%20impressions&imprid=3755240812814964720&icid=0&eData=VXYdwi9f5tjgioOkT9LL8N9HfaTuwoEkumjmAI-8sjxo4kOyoBiwbg2&rtbdata=dVWYmnj-zflUAf1Txsqp5Ub7XDhUkMlG3XZz0AVMArHLfvca8RlJqeJP3jCI3qERBLOwN9YqiXvKc8PD78MKgOVRhDgrzx29I415sj83Pk1wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufYfohmA3MpgH4y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V6EuVBWCp8k1ZPSVCRcBPzE1&rtbwp=5gcch0fRL-fyzPOzRMHXEzR4Q1prnYd_Tc_oQQ&rnd=628835059
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 84E2 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@56588294,3755240812814964720,100|1100|0|0|0|0|0|0|0||43|1|||||1|0|0|DX6-qzbEjIPi5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3278526591422257&bg=!yMuly4_NAAYgquz3AKo7ACkAdvg8WqdLjj1Z9_O9Xhd3GdpkRuN-gRUWZfPLj8w_ud9q_ULgZWLingIAAABcUgAAAANoAQeZAqFdfeLfeX-brlcGXD9aMHiu-13mTAG3q1Q_PmHDX9JRPX4kvUu_iSjGlxvgLHwIoHU9zyZMFlq6-Wy2i7U1B_W_LWaSUjc_xbRh-AtfFcisAD_XOpLSGG-qK8Kf3SyaD8tc1qX0dDQwN1RxAiHHEqyrI_7AF3JM2M_A3no3Uf_YdLc6V1j356hg6PbFJDITN52IKV-1_3sQQgghJ4XlLWFDZQZcS9wQWPanmcI0qupUgopDzUvSBMX-e-wHia3SXs8WGckgGaKDbRMHVfZB1BEn7YYjBQatv-xdSiMsX-_Zfj5qGmOqWgt3Mep-HfT9dFo-a8esQ-KMD8gi64GWlCcLLSf-n97iUeYne5ztNVN0IUw-22Lcathv0YSbZi4sfbmiggq1VA3UOCeIPNplvGZ0ETGrEXq91ogg_QYycDwGdsmvaXmPDIDxO4rPAV7mcKTbHEkzh-3RAnZXiuCTd9OOsvCdDkDbKBLU2aeEcXJbZ96k0-moGZQz45BAuwkYWBHtyPuXUyoiBmfCIoQRx0I2c58yhdZZkiSV5ApkFR-n3B4y1TD2N35y65HZjVEt4Sw_aSKcKd1CmjR0usUT48kvcin0XTFQPC_hyiM20VaSZBJCITvpvgwIGQ1qtLhBud1nb9HV3bdoNVEfnjqjVY5W7Teu8JyrQwuayF-KvcV1ApkvTE2lmR-OQK6JbwStNSwYMS5qnng3ixQ8UR0K2ltP5DxX6yruU6F2ksY1zkzwB9OtwkSocK9k6m0nJL08WO3KvnEMfm1Rc0wopivpojn4rCJqZ33l9JH_hnf8xfukNXqQzW0ltcyd439EmYgnaBOd3TdL8uNH_mBaMUe7B9OQBg1fYqLQqQN8hZGGeCe-lE_PCJ7-ntw3VeAIaQ8_sg9R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
track.adform.net/Serving/Event/ Frame 3443 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=58441608&event=178&time=2&baid=55765898&name=Viewable%20impressions&imprid=8995820055123155826&icid=0&eData=U0b7f4RuLYEwi7T9xyyHujUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=EgHIUscw8nuwzdRJYb7m9YozsmgFr4h66kkrem_n4pWYKyY27RLn2--7UQrQavP22hj6R4ZnCmZlEYXDnAyctXSPuRfwq2U-0tZ2gHoqt3dwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufbTxdNCFNgtsYy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1&rtbwp=fDlGELgw_LYpPWbcaRLTo71WBq8Wwe88HLYMgA&rnd=337344184
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 3443 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@58441608,8995820055123155826,100|1200|0|0|0|0|0|0|0||47|1|||||1|0|0|OH2Ui1mbFLPi5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 5BA3 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Dec 2022 03:04:27 GMT
/
track.adform.net/Serving/Event/ Frame D412 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=57894125&event=178&time=2&baid=55461688&name=Viewable%20impressions&imprid=1749323147481730378&icid=0&eData=PN2mha_IwnSTc59eIVGuOjUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=kOehyWS82X-DhlkeCd3s0lcsotEki1H2s1GwlNU0x3zUjXYRxN4kjsaVYKlH7quXcD7RnWuKfmsDrig4-qo_N9l_KU8WH-XRSwmGgMrdL3twGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaxTtEYB4XzvIy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRvJX2KMh671V4KLMr5O4ZVNZPSVCRcBPzE1&rtbwp=soOWlH_GRzEhG-lZ9sNIVtsf1mAa9AEH6gpAbg&rnd=556518045
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D412 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@57894125,1749323147481730378,100|1101|0|0|0|0|0|0|0||43|1|||||1|0|0|egdrGA4Q5nbi5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame C5EF 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=57837237&event=178&time=2&baid=55404626&name=Viewable%20impressions&imprid=540027060710738076&icid=0&eData=tu4jfLk2dTMoRemrbqmFfjUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=3XPskYh16vZAUWZvSzSZLSx2mumz4b3pnxOBaxOs8ORSUNHAL37Y06Q-fy_RuKbl2l5BmovERcqYjHBVjaY4p6BKed6m-K1obc5MbjISijVwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufaKYl9twExy74y9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_YKLMr5O4ZVNZPSVCRcBPzE1&rtbwp=OlbxoM4ZynxiPucwEpyFw0J3LY6zy__IX4olQQ&rnd=56193985
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame C5EF 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@57837237,540027060710738076,100|1199|0|0|0|0|0|0|0||47|1|||||1|0|0|vHyO5yCp89Di5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame D238 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=57837237&event=178&time=2&baid=55404626&name=Viewable%20impressions&imprid=3943823998769662183&icid=0&eData=PN2mha_IwnQoRemrbqmFfjUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=NNFYuMWAQnPtYeQBp6e04dSs5SUnb2g2AkyxuufZQ5Odtdw1azOZnBj85PPOzRRFVyT7TpbVGOI6SIahnz3ghiwtjqI06TEx9DrP2HGGHdFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UE_zPUmgUC3vXXvtKZ7_yOr674wUPb7ufZjZDel7w-fQoy9-ubT-M5mPr2Xep2zXvD7wMyBMS7Omx1AtbEWfFsAkVfkHBOOTRuru07Cw_7F_aEuVBWCp8k1ZPSVCRcBPzE1&rtbwp=OKUyPh807jSpmgUKHWyEtdCzZce2ZXAhmC4kkA&rnd=18916567
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D238 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@57837237,3943823998769662183,100|1200|0|0|0|0|0|0|0||47|1|||||1|0|0|vHyO5yCp89Di5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
syncframe
gum.criteo.com/ Frame 33E6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 03:04:27 GMT
server
Kestrel
server-processing-duration-in-ticks
493393
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5BA3 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 03:04:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Dec 2022 03:04:27 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 5BA3 		95 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Ffriends.in.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Tue, 13 Dec 2022 03:04:27 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 11C6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CD3A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9EC3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A2F7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 11C6 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
c4a37468-67af-4095-b352-6f85848a0776
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame CF5F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sid
mug.criteo.com/ Frame 33E6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=pdcJjnxqZnpSNkl2bUZZQTBvNXlaN1ZMTzU5bFRIVzNMYTRDbUdGVkJNWmVhRmMvNDlCS0hRVE93aFFkYmRqR0IwN1JrZDllcTE1WWtIc3p3ZVcxcXVVOGxJcWhTVnpmZktYRmUzQ1lmUDR0Vlp3aSs1TUkyZUUzMlE4dF...
433 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pdcJjnxqZnpSNkl2bUZZQTBvNXlaN1ZMTzU5bFRIVzNMYTRDbUdGVkJNWmVhRmMvNDlCS0hRVE93aFFkYmRqR0IwN1JrZDllcTE1WWtIc3p3ZVcxcXVVOGxJcWhTVnpmZktYRmUzQ1lmUDR0Vlp3aSs1TUkyZUUzMlE4dFd4UEprb0dCTXBRdVZzNVh5Q2dHNGw4bVQ1amZsNUdwSnV5cnZpYm1CdTZ3RkdnS3NmU3Bkb3RpajgwYjFCWE9WdHdXRi9jZVJ6V2dLQmYwVjdvcjdleVNYR0R0UER6RjJVSnp3ekVWeWNQMnduZjdoc0RRWjVLVlN4aG5xTXFDcjlhTG9EeFZSNkMwaVZ3QnVRUWJqZjd0dkM5R21jdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e7520fdc3fd23bbf8da0c32bf828269b342719970f70ba1ea2e909eb66ef8eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2603453
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=pdcJjnxqZnpSNkl2bUZZQTBvNXlaN1ZMTzU5bFRIVzNMYTRDbUdGVkJNWmVhRmMvNDlCS0hRVE93aFFkYmRqR0IwN1JrZDllcTE1WWtIc3p3ZVcxcXVVOGxJcWhTVnpmZktYRmUzQ1lmUDR0Vlp3aSs1TUkyZUUzMlE4dFd4UEprb0dCTXBRdVZzNVh5Q2dHNGw4bVQ1amZsNUdwSnV5cnZpYm1CdTZ3RkdnS3NmU3Bkb3RpajgwYjFCWE9WdHdXRi9jZVJ6V2dLQmYwVjdvcjdleVNYR0R0UER6RjJVSnp3ekVWeWNQMnduZjdoc0RRWjVLVlN4aG5xTXFDcjlhTG9EeFZSNkMwaVZ3QnVRUWJqZjd0dkM5R21jdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
521515
content-length
0
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 09C5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 71F1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame CD3A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
1b04d05f-26d1-4fb6-b7c8-cda7019626cf
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5BEF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 9EC3 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
2644725b-bf79-4fdf-8738-977ca646d613
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A2F7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
7435b948-a4ff-4162-a964-8c69f3b85913
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 09C5 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
33418b32-d2ea-41af-aeb8-11f25e883e27
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CF5F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
aa90aee2-621b-4eeb-b380-4717ca11ca4b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 71F1 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
7da69221-e911-4858-ab4f-e2ba8533ac3a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F432 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 03:04:27 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 03:04:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 5BEF 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:27 GMT
AN-X-Request-Uuid
330adf51-dfd3-4002-80f9-fe09230abb6b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F432 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
4bd27064-4367-4bad-b0d5-01d9fe47645a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 11C6 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
656fae89-5d85-455b-82c9-85afeb60178d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CD3A 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
b1c0cdf3-0444-4b0e-87f3-d1b86e5b29ca
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9EC3 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
c9f1eeea-ae84-4282-9463-34e9645c5288
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A2F7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
baeda0a0-a21b-4fe0-ab06-a3ac33ca4475
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 09C5 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
dfd4eae6-4ae1-4b48-be0c-b8e78b2dec40
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CF5F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
33ad54d0-6f80-4dac-91a1-fd936602f280
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 71F1 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
76c6b37e-66f6-4e3f-978b-21518d80a52f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5BEF 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:28 GMT
AN-X-Request-Uuid
abdbc76c-2dbc-4aba-ab9e-91e7808135cb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F432 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 03:04:29 GMT
AN-X-Request-Uuid
322eec4b-0f00-45b7-982a-e7e310bc6486
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
82.199.130.45; 82.199.130.45; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/serving/unload/ Frame 2FF4 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@58871330,8196369333080461211,100|4789|0|0|0|0|0|0|0||187|1|||||1|0|0|IFnaS8MEIS7i5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 3443 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@58441608,8995820055123155826,100|4700|0|0|0|0|0|0|0||184|1|||||1|0|0|OH2Ui1mbFLPi5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 84E2 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@56588294,3755240812814964720,100|4699|0|0|0|0|0|0|0||184|1|||||1|0|0|DX6-qzbEjIPi5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame C5EF 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@57837237,540027060710738076,100|4699|0|0|0|0|0|0|0||184|1|||||1|0|0|vHyO5yCp89Di5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D238 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@57837237,3943823998769662183,100|4700|0|0|0|0|0|0|0||184|1|||||1|0|0|vHyO5yCp89Di5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D412 		35 B
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@57894125,1749323147481730378,100|4700|0|0|0|0|0|0|0||184|1|||||1|0|0|egdrGA4Q5nbi5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 03:04:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://sholke.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
postback
s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/ Frame C176 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.86.0/619621/AbEq6EsHEPJOBfH7/postback?ap=&ti=7519516833810243741&c1=4562312&ci=619621&ai=216536&dt=6196211556140246740000&sr=13&si=5626891&dm=300x600&ac=651871&cr=6622396&di=https%3A%2F%2Ffriends.in.ua%2F&ui=4c10f98c-0000-0000-0000-000000000000&pp=10264&r1=82.199.130.0&r2=&pd=avt&pv=dd4fffe3-fb15-4c80-abc8-8a004c0b636b&de=43003&r3=&sid=AbEq6EsHEPJOBfH7&oz_sc=bcd85f1d2af917c22593c7bf&oz_df=1670900670763&oz_l=562&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.86.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 03:04:29 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
test.takedwn.ws
URL
https://test.takedwn.ws/ping
Domain
mc.yandex.ua
URL
https://mc.yandex.ua/sync_cookie_image_check
Domain
mc.yandex.ua
URL
https://mc.yandex.ua/sync_cookie_image_check_secondary

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| head object| s object| c_cache object| dle_poll_voted function| reload function| dle_change_sort function| doPoll function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doCommentsRate function| ajax_cancel_reply function| ajax_fast_reply function| dle_reply function| doAddComments function| isHistoryApiAvailable function| CommentsPage function| dle_copy_quote function| dle_fastreply function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt string| dle_user_profile string| dle_user_profile_link function| ShowPopupProfile function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| subscribe function| media_upload function| dropdownmenu function| hidemenu function| delayhidemenu function| clearhidemenu function| $ function| jQuery object| html5 object| Modernizr function| yepnope boolean| canRunAds function| doRateLD boolean| logopened undefined| auth_window function| set_video number| need_warning string| video_selector function| show_warning_js function| append string| GoogleAnalyticsObject function| ga function| show_warning function| getCookie boolean| autoplay function| minimize function| try_vip boolean| need_play object| jQuery11100592244690272882 object| fv_word string| dle_root string| dle_admin string| dle_login_hash number| dle_group string| dle_skin string| dle_wysiwyg string| quick_wysiwyg object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt string| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_complaint string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_reply_title string| dle_tree_comm string| dle_del_news string| dle_sub_agree boolean| allow_dle_delete_news boolean| dle_search_delay string| dle_search_value object| google_tag_manager object| google_tag_data object| Shares number| __actualize.js object| AMSP function| Fingerprint2 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| FB object| gaplugins object| gaGlobal object| gaData string| google_user_agent_client_hint object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| openTab function| vbm object| VAST_LIST object| h number| pushy_loaded function| sw_text string| ajax_root object| header number| headerPos number| headerHeight number| stickyHide function| AdVast function| AdHumanitarianFive function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __buffer object| adpnExecutions object| aliveChecks boolean| adpnLoaded function| X2JS function| VbmVideo object| viboomGa function| 31aeb6078a58f6d2 function| MXoverrollClose object| _6238012052 object| Ya object| viboomYM function| aidataSendEvent function| aidataRefreshEventListeners object| GoogleGcLKhOms object| google_image_requests object| criteo_syncframe_state

47 Cookies

Domain/Path Name / Value
friends.in.ua/ Name: PHPSESSID
Value: h1qfe49um0ok8hvp3b9m1shtc1
franecki.net/ Name: CM_redirector
Value: 248ee93da
.friends.in.ua/ Name: _ga
Value: GA1.3.845992931.1670900663
.friends.in.ua/ Name: _gid
Value: GA1.3.224874732.1670900663
.friends.in.ua/ Name: _gat
Value: 1
.friends.in.ua/ Name: _gat_gtag_UA_60815340_5
Value: 1
friends.in.ua/ Name: hideModal
Value: true
franecki.net/ Name: ADWUID
Value: 42a0872bef3364e3484ecd91a6996b1e
.franecki.net/ Name: ADWUID
Value: 42a0872bef3364e3484ecd91a6996b1e
franecki.net/ Name: CPOOL
Value: 3
franecki.net/ Name: BNR_109268
Value: 1670987063%7C1%7C1670900663
.friends.in.ua/ Name: __gpi
Value: UID=00000b919f63cad4:T=1670900663:RT=1670900663:S=ALNI_MaV7kNdmlrGlqNcH7z4t3MwWWWE4A
.aidata.io/ Name: __upin
Value: dbLQMgBOPT9o3yyhTHDDVQ
.aidata.io/ Name: __upints
Value: 1670900663
.friends.in.ua/ Name: _gat_gtag_UA_57015589_1
Value: 1
x01.aidata.io/ Name: livin
Value: 1
.friends.in.ua/ Name: _ym_uid
Value: 1670900664880591006
.friends.in.ua/ Name: _ym_d
Value: 1670900664
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2938331592fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 90744101fake
.friends.in.ua/ Name: _ym_isad
Value: 2
.doubleclick.net/ Name: IDE
Value: AHWqTUl4zz_jYhd2SE-iDAQKp3pgdnZJhydtHHl8-etmm2iTRzxQ0JjT6WDBENS012I
.friends.in.ua/ Name: __gads
Value: ID=6572f49291d0d674-22d5403bfad900e2:T=1670900663:S=ALNI_MZ4Zth3LLePi367Lm8d5ZMj0yc1lw
.adnxs.com/ Name: icu
Value: ChgIx6J5EAoYASABKAEwuNffnAY4AUABSAEQuNffnAYYAA..
mc.yandex.com/ Name: yabs-sid
Value: 2461230751670900664
.yandex.com/ Name: i
Value: A1Zm5qptBFDq+eiBkm32o2qTusMORlGncQGMtt5Fa/hvoC5z6bXTCGM4li5jDRpo0HtsBJ8lwFEk4Yf78JgnOEIHfE8=
.yandex.com/ Name: yandexuid
Value: 501100151670900664
.yandex.com/ Name: yuidss
Value: 501100151670900664
.yandex.com/ Name: ymex
Value: 1702436664.yc.1670900664#1702436664.yrts.1670900664#1702436664.yrtsi.1670900664
.adnxs.com/ Name: uuid2
Value: 5799667654578100598
.mathtag.com/ Name: uuid
Value: 439b6397-ebb9-4c00-8280-d455d352f25f
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 1267b398fca05183
.awin1.com/ Name: awpv11524
Value: 296283|1670900665|d9a50d40-7a92-11ed-adce-2234a4c513ba
.awin1.com/ Name: awpv11601
Value: 113440|1670900665|d9a58270-7a92-11ed-adce-2234a4c513ba
.awin1.com/ Name: AWSESS
Value: 357526:3266505
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A1671505465%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%22d9c4e5de-7a92-11ed-a9e4-00155def0803%22%3Bs%3A3%3A%22sit%22%3Bs%3A10%3A%221670987065%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cjd9c50172-7a92-11ed-a9e4-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1733972665%3B%7D
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%22d9c4e570-7a92-11ed-a9e4-00155def0803%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221670900665%25%255712300%25%25d9c4e4d0-7a92-11ed-a9e4-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1686452665%3B%7D
pb.media01.eu/ Name: ASP.NET_SessionId
Value: gutuotfjx3gepgqoii3jrkac
pb.media01.eu/ Name: DTU
Value: 6BB59C7DC85E2217E0E726CB60591681
.www.parship.de/ Name: __cf_bm
Value: GioeXJPKsWcoO4eJqw4YniriDkbB.5_1i1RdzwhPAT0-1670900665-0-AVkMHO2nqnc/2sa9Sco6wDqxWRr+AA4dxpjHas9WhU22VDcswE39bQ+jpNAVgscnJoeiiGjT8+8VJ4VSQywDJRw=
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID_TS%3A1670900666
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1670900665.5712300.d9c4e4d0-7a92-11ed-a9e4-00155def0803ID_TS%3A1670900666
.criteo.com/ Name: uid
Value: 682d753c-80d7-4a1b-87b2-dcd26de9eb9d
.friends.in.ua/ Name: cto_bundle
Value: Dk04o185Y0tOZHg3a3FKU0R5T0ppTlJ1dzlCY2N4akJsNlNUZXBrcFlCa1U4MWRsNm9xdUI1OXZxJTJGJTJCOEt4TEdJMHFXSnVCUUl3Wm9OVWx4R25lNnoxcWElMkI0UjFhdVJqOWUlMkZDSGVVVlJsYjhCVnE1N0JwSGNhbXZ6NG9ON1NLeVhjR3VxbnRqT3M2T1pLRjF5V2ElMkJabHV5RFl3JTNEJTNE

5 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.ua/sync_cookie_image_check
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9850.Gp2DzH6myaY90aVyKKHMDSdUrkdo_eq8GK0-8jnFFzpiqpAmkKzv8GtAVI2aUh53HXopV_jMf63Z_b3Ygyk3OwDGeFZSBgaBaDloQ5lPiwY%2C.l0HFwvlD1UrIOXVkdr4BkAZTSwA%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://mc.yandex.ua/sync_cookie_image_check_secondary
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
worker error URL: blob:https://sholke.com/c72c7803-0d45-4093-a063-61684222e8d0
Message:
Mixed Content: The page at 'blob:https://sholke.com/c72c7803-0d45-4093-a063-61684222e8d0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://sholke.com/c72c7803-0d45-4093-a063-61684222e8d0
Message:
Mixed Content: The page at 'blob:https://sholke.com/c72c7803-0d45-4093-a063-61684222e8d0' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ac3bcb6729b00b4ccdfb92d35dc43719.safeframe.googlesyndication.com
acdn.adnxs.com
ad-server.eu
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams3-ib.adnxs.com
apps.sascdn.com
aurabom.ru
bidder.criteo.com
cdn.adnxs.com
ced-ns.sascdn.com
connect.facebook.net
counter.yadro.ru
eum.instana.io
eus.rubiconproject.com
euw1.smartadserver.com
fonts.googleapis.com
fonts.gstatic.com
franecki.net
friends.in.ua
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900026.redintelligence.net
hal90006.redintelligence.net
hal90009.redintelligence.net
hb.adpone.com
ib.adnxs.com
kodir2.github.io
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
medialead.de
mug.criteo.com
mxtads.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-eu.rubiconproject.com
pixel.mathtag.com
prebid-eu.creativecdn.com
prg.smartadserver.com
pv.medialead.de
s.update.mediamathtag.com
s1.adform.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
shb.richaudience.com
sholke.com
static.criteo.net
stats.myangular.life
sync.richaudience.com
tags.mathtag.com
test.takedwn.ws
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trf.greatviews.de
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.megastock.ru
www.parship.de
www8.smartadserver.com
x01.aidata.io
mc.yandex.ua
test.takedwn.ws
104.109.78.125
138.201.220.30
138.201.63.149
138.201.63.164
138.201.84.244
144.76.109.99
145.239.193.130
157.90.0.13
168.119.149.178
178.250.0.157
184.24.9.113
184.30.20.207
185.184.8.90
185.29.134.249
185.86.138.124
185.89.210.141
185.89.211.84
213.196.39.165
23.67.134.223
2606:4700:20::ac43:49e4
2606:4700::6810:cc16
2606:4700::6813:b979
2606:50c0:8001::153
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3400::5f64:9e19
2a02:26f0:480:10::213:7e97
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
34.243.93.43
37.157.5.142
37.157.5.73
54.76.176.197
65.9.86.82
69.173.144.138
69.173.144.165
81.17.55.160
85.239.105.10
88.198.250.30
88.212.202.52
88.221.168.189
89.108.119.43
89.149.192.65
89.149.200.234
91.227.52.186
91.228.155.126
91.240.20.7
94.23.99.218
0059262ac920a0176174d3aebbe7e62a9d309dd5d2812541f29c9636ce17eef7
005bf1b8ccbd08270fe0793012dc84464a26fd5122400c790ba72e35a0573c42
00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442
02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4
0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5
03344258fc32b471b8abb0400e3ba074e2b9a374f3ca98c5b9d48d9f1b2a37e5
0359b74bdc8a9ce5cf1f38a364b781b7169fe7892d7247cb4dbb2acc3cb07463
041765d8e3609a52c0e201db0f61d4b94ce47fa715cf1cb9cbedf4e4d87eac87
044d04a11d05e6208ce67b4e43880fa4e63dccf08256db539fd3f120cb711f1b
0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e
046cbfa5a2f211d1b0d39749ec436ffb30424d3aa9ccab4a3f8aaa6e033fecc3
0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
0bb75f6e07ec4d6d4e3ae2039822690b7d71e52c0208b63e5f34529d975db744
0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0f8e985d5a1ae9dc83e399713db9778b284256e4b88f0ac10e9ee55727fa86eb
164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
196f6aaf899900b6f188851c715fe7c4973af8fde8da73b1aaaf2c223fd3b144
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add
19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459
1a1fab3243cc3f837b3e77a415c4745f0c73373d42990637e607961d24abbd39
1acf63a647bcc2f7373a93a4b4d38bfb99bf27a13ddd3bff55c54b103be71077
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51
1ed4d7d7a00440eaffdc5a033bc322f061d0775e87cda78901d6241649bb9058
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d
1f87332e03f112c9dc74bc545bf9a71279a74a1aa982943e9172b008722721c5
2370614d9a7dd5896a8e51af64e891a11971ed48ceedeac99af204e3f77c99e1
29723249de5793762341c1df36b397b6353c43f239c399d04d441df0e0cfca5d
29e481af69eb714fb2745f0722c3d5ac2b27afd98eceef57fa58fa623f9700c7
29ec7a8cb3094008113317cb4b2da233fde8382e37c22b7c6990dfff4fa1785c
2a93931769b36603f167e96c38acf631944cbfba6aaf05de5791b851e6cf0292
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f896ed6900e7c4629741e3bde02b3b4845133ad762daa00e9b9ca5886d3d991
3049db46fa07d4ee444c862e4efad3775e181f8691ebca3a2942a9c6b4cc2606
371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952
39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64
3b89cc600f445b2c0d5c4b6f0704b28258f82c2d7927eaff9420459a18201c15
3c048340fc859bbe32ab61389aa748cd687eb9177424311f28d3c819542157e7
3d2985e23dad970ecde6f0fd0990898d71bb366e57c8e00c7a61e786b8d1af98
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3efab841da903d70479c8bdf811f5b0c78b6495ae24cf3865269cbd9ca8bc747
3f97196abc05431efe376e2576d7fe7acd76cce8644b62a0c38bb5ab8dd714d7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812
425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0
486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9
48cf70c51fb57810672f04d514ec363a69f0993b6dfd933ff7f2e9904dc17652
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4cf8b51ee99974fc1dcbb68bf4cf750c294a98ff687ca27a391151974145f4cb
4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3
5301276dbca72c00ff6748a3afa4878181bc89eb738ff88720663d53fc59fbf4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4
578772ec6fa8a6583f97b0c4a7592279c79a9217a588000b6cd82d05ec71931b
5c3ef0d487495cdc55f766d8fc6fa80411aca75d28b30c0b9884b139e698f604
5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e
5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa
5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836
604ea1abc70968e6cc3ab0027cca1c5417c408b8f75451a28a6789a7b937e38c
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6323ce3a3abae9510023e49dfb4da1ee396013f50579b80a57a14503c0605410
6afadb5481488be9241475816177e2be5d53201c93b9e25378b44cea94202839
6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
71cf32b72e7ba3d86950ab7ba544e2744b53d885b3230272a9c70e732ef3f9ad
751bf52105d41100531cfd0879ade4c5af4ad8062af7a4e98c2de400379b7240
752a46e373416e8e116514a5f6f2ddda6a20281376e27352095f6bb4137109bf
77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3
7a4bf613acd76295b7bab6c3e7509c6ab855b23c1b9ab1d4702be8a3414279f2
7b390a32282d4f92aedbeb2f0b3a07c7966b7227c8355de699fa905130634c8c
8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8
80811c546d2d0740dd3c67e2e4c5ea2364ae23fe5f532ea63e0ff1079e8b4611
825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254
892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b297024f28bf7c02f796c5c55280dd53fd0047fa2e52c9d8c315c6128edb295
8bde2d6aaec90facc549711226805692394d1f414de6fba2807eb9ccc2a6727b
8d3e0a03224a6b4337ccb2119188643951d7fb506bba41a9e32188b16be8c922
8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e
8d7dcb7a9fcb5dea21038e276eb51a0f16ecd007a197d37f77a0a07279c1e7db
8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98824bc49e191983468e97a22e6c0b8961d0374e59c6df90414869d50cd850f6
9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7
9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8
9a820f57649f53d9e2479e5a18eeb57c5f23ddae1c343b50a3c17f3741df3a50
9ad687807321452b0610d488442ff3d2985aea4d8ea47c042bc1fee01d5c6fe0
9c307d5531d3e8bbcab4de8a7b943fb9ca9c5e173fde4556428af7ac85919a37
9d1d450caa10e5ed0a8cd9f44747e04fb4ad699da68f39abc15ba57ec2d8aeba
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f98178c172ee2c1b0a3f4c38d2b1e2bd51ea772fcdaf16c23bf5556183fd030
a0184fae46bbb8cf85853992e0511bfbc9287e982165f7b43db574a956990b48
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4401df717440e483f675fd4753e7be229d7a6a13366f2084f90654275965541
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4
a5f1639083a2141204337b90f6465349a71631b133251c3eae888c9ca63da1b8
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621
ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1563d03e3be2260354796af9aaf4526a96a6ac554badbd372183a4214308ce5
b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b29e26594da77563de1b026a6824ba5f575047c6cb2aa08084e0950c8ac30bdd
b2d284602d2d27bad157f100cbf68798f37236b4597cfcded6c62f2e54e6240e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e
ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bf96081284956723e8c96dc1cb4f3cd6a0beb99f0eec0d75d5a6695110dd5222
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1e8e95c687117f453eb214b1e072e0d5e8d78aa6489c7ace60617a603da4597
c20efd9f643246d2a0bccd53a83b1dc0a575a0cf40a4db4145650b9d743861b7
c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f
c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308
c303ec3d579d216cb0f4d3f4752cba0479af240eded51d94e487022e1f055447
c325dbae60172806a015082cd51d4b1479b2c735e39e8b480aeeda0a73725e57
c424e173beea5acb5e7c66ee66f9af4fff6aa67a45ca8dcbaae2e28d183e7023
c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c
c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423
ccc060ff9befb6e531d0c1eb0131436c3aca774c1e166f38460d5da86116a902
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1
ce6f1e3f93949f85786777cc53e2a369dec66c29bd9dbb932422b6dbb28d983a
cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d
d4694f07d3862d90d94ac9c1767e742e904ec10e96c078995e30b5a9a1ef29f4
d811ae19b628a3b6de9262854c488d508c5c4c8d1dd265fdbaad5e21376c22e0
d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a
d8ff91b81a252d2a146615b8ba9416ea060484d00ea0df0951a939fb5d75148e
d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3f52a617f73e40d6a3b5722e7aa293fc8581464420f43d8d480eb087af893d
dea63e3333bf44542079e3bdc3662f9c960962bd6fc4baa422eb909e06b5c83c
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7520fdc3fd23bbf8da0c32bf828269b342719970f70ba1ea2e909eb66ef8eef
e7753bef19914cd36a470ceb59a967d99f19155b34505f8c50f0720d760dfdbd
e93868d34d0a8d95f35f65b43b11ec1886536a0372c737d2232c94c90c9d934d
e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52
ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012
ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3
ed86779a00ea50ddd9ed1ab2876497cdc202ea58109dae5a363751410e2057e2
f005491925c778be395deb999d578725b8aea1560f0707b5227e3de06f32d0b4
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801
f1f61b10a0645c5356fceeefc138dff4a4625d75d9cea1b09cad48b86dc37b32
f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d
f5cecd59e22ff2b722cedfe2f33d92d2504a97cdf33d4f24b8dbc735eb575558
f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438
f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5
f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73
fd4bef1d430ec2e04e05f70e38251bfa98c5463186ca26d38ad960821e4a6291