get.aidrestore.com Open in urlscan Pro
2a02:4780:9:1024:0:1d4a:9c7f:4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://get.aidrestore.com/
Effective URL:
https://get.aidrestore.com/w1/index.html
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2023, 3:02:39 am UTC) — Scanned from DE

Summary HTTP 401 Redirects Links 135 Behaviour Indicators

Summary

This website contacted 69 IPs in 10 countries across 42 domains to perform 401 HTTP transactions. The main IP is 2a02:4780:9:1024:0:1d4a:9c7f:4, located in Vilnius, Lithuania and belongs to AS-HOSTINGER, CY. The main domain is get.aidrestore.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 14th 2023. Valid for: 3 months.

This is the only time get.aidrestore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	2a02:4780:9:1... 2a02:4780:9:1024:0:1d4a:9c7f:4	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	116.203.212.0 116.203.212.0	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4468	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
7	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2606:4700::68... 2606:4700::6813:9722	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	2.16.62.75 2.16.62.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.16.238.9 2.16.238.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
7	2a0c:5c87:523... 2a0c:5c87:5239::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
2	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
13	184.24.77.6 184.24.77.6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.238.148 2.16.238.148	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	184.24.77.28 184.24.77.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2.21.20.216 2.21.20.216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.20.186.144 23.20.186.144	14618 (AMAZON-AES) (AMAZON-AES)
1	157.245.23.44 157.245.23.44	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
127 212	185.83.71.234 185.83.71.234	55081 (24SHELLS) (24SHELLS)
1	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
3	67.220.182.50 67.220.182.50	55081 (24SHELLS) (24SHELLS)
2	146.75.118.113 146.75.118.113	54113 (FASTLY) (FASTLY)
8	2.17.22.24 2.17.22.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	88.221.110.123 88.221.110.123	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a0c:5c87:523... 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc	55081 (24SHELLS) (24SHELLS)
3	2.21.20.206 2.21.20.206	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:401... 2a00:1450:4019:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
168 168	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
42	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	2.16.1.35 2.16.1.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.36.162.219 23.36.162.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6813:9822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9281	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 2	52.31.110.112 52.31.110.112	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c87:520... 2a0c:5c87:5205::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2.16.100.171 2.16.100.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	95.67.21.154 95.67.21.154	34867 (COSMONOVA...) (COSMONOVA-AS Cosmonova LLC)
19	95.67.21.157 95.67.21.157	34867 (COSMONOVA...) (COSMONOVA-AS Cosmonova LLC)
2	23.36.162.200 23.36.162.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	95.67.6.36 95.67.6.36	34867 (COSMONOVA...) (COSMONOVA-AS Cosmonova LLC)
1	95.67.116.178 95.67.116.178	34867 (COSMONOVA...) (COSMONOVA-AS Cosmonova LLC)
10	95.67.116.179 95.67.116.179	34867 (COSMONOVA...) (COSMONOVA-AS Cosmonova LLC)
2	88.221.110.74 88.221.110.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
401	69

34 2a02:4780:9:1024:0:1d4a:9c7f:4 (Vilnius, Lithuania) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

get.aidrestore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.212.0 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.212.203.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4468 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.fakty.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.bidmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

files.bidmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9722 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocounter.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.62.75 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-62-75.deploy.static.akamaitechnologies.com

lf16-tiktok-web.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdnstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.238.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-9.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

55a57e9b44b0c73b88dfae876d3445f5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 184.24.77.6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-6.deploy.static.akamaitechnologies.com

sf16-website-login.neutral.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.148 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-148.deploy.static.akamaitechnologies.com

sf16-secsdk.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.24.77.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-28.deploy.static.akamaitechnologies.com

p16-sign-va.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p16-sign-useast2a.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-216.deploy.static.akamaitechnologies.com

sf16-short-va.bytedapm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.186.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-186-144.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.23.44 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

bid.adsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

212 185.83.71.234 (Cricklewood, United Kingdom) 127 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.182.50 (Piscataway, United States)

ASN55081 (24SHELLS, US)

aux-log.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.113 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

v19-web-newkey.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.17.22.24 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-22-24.deploy.static.akamaitechnologies.com

mcs-va-useast2a.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.221.110.123 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-110-123.deploy.static.akamaitechnologies.com

mon-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.20.206 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-206.deploy.static.akamaitechnologies.com

lf16-tiktok-common.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4019:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

168 185.89.211.12 (Frankfurt am Main, Germany) 168 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.1.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-35.deploy.static.akamaitechnologies.com

vmweb-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.162.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-219.deploy.static.akamaitechnologies.com

mssdk-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9822 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9281 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

6517501.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.110.112 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-110-112.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c87:5205::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

d.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.100.171 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-100-171.deploy.static.akamaitechnologies.com

v16-web-newkey.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.67.21.154 (Kyiv, Ukraine) 1 redirects

ASN34867 (COSMONOVA-AS Cosmonova LLC, UA)
PTR: news-one-hls1.cosmonova.net.ua

live-ictv.mw-01.cosmonova-broadcast.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 95.67.21.157 (Kyiv, Ukraine)

ASN34867 (COSMONOVA-AS Cosmonova LLC, UA)
PTR: news-one-hls4.cosmonova.net.ua

live-ictv-02.mw-01.cosmonova-broadcast.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.162.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-200.deploy.static.akamaitechnologies.com

mssdk-va.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.67.6.36 (Kyiv, Ukraine)

ASN34867 (COSMONOVA-AS Cosmonova LLC, UA)

analytics.cosmonova.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.67.116.178 (Irpin, Ukraine)

ASN34867 (COSMONOVA-AS Cosmonova LLC, UA)
PTR: shpromoushn1.cosmonova.net.ua

live-ictv.cdn-01.cosmonova.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.67.116.179 (Irpin, Ukraine)

ASN34867 (COSMONOVA-AS Cosmonova LLC, UA)
PTR: shpromoushn2.cosmonova.net.ua

live-ictv.cdn-03.cosmonova.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.110.74 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-110-74.deploy.static.akamaitechnologies.com

mon.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
232	adtelligent.com 127 redirects player.adtelligent.com — Cisco Umbrella Rank: 7392 ghb.adtelligent.com — Cisco Umbrella Rank: 5991 sync.adtelligent.com — Cisco Umbrella Rank: 3512 aux-log.adtelligent.com — Cisco Umbrella Rank: 906110 s.adtelligent.com — Cisco Umbrella Rank: 6398 d.adtelligent.com — Cisco Umbrella Rank: 498935	279 KB
168	adnxs.com 168 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	111 KB
54	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 6517501.fls.doubleclick.net	184 KB
42	openx.net rtb.openx.net — Cisco Umbrella Rank: 912	3 KB
34	aidrestore.com 1 redirects get.aidrestore.com	853 KB
20	cosmonova-broadcast.tv 1 redirects live-ictv.mw-01.cosmonova-broadcast.tv live-ictv-02.mw-01.cosmonova-broadcast.tv	746 KB
16	ttwstatic.com lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 16857 sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7542 sf16-secsdk.ttwstatic.com — Cisco Umbrella Rank: 47786	1019 KB
11	cosmonova.net.ua live-ictv.cdn-01.cosmonova.net.ua live-ictv.cdn-03.cosmonova.net.ua	3 MB
11	byteoversea.com mon-va.byteoversea.com — Cisco Umbrella Rank: 5043 vmweb-va.byteoversea.com — Cisco Umbrella Rank: 21512 mssdk-va.byteoversea.com — Cisco Umbrella Rank: 34336	8 KB
10	tiktokv.com mcs-va-useast2a.tiktokv.com — Cisco Umbrella Rank: 30872 mon.tiktokv.com — Cisco Umbrella Rank: 2364	3 KB
9	googlesyndication.com 55a57e9b44b0c73b88dfae876d3445f5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	55 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
7	idealmedia.io jsc.idealmedia.io — Cisco Umbrella Rank: 63837 c.idealmedia.io — Cisco Umbrella Rank: 56240 servicer.idealmedia.io — Cisco Umbrella Rank: 62467 s-img.idealmedia.io — Cisco Umbrella Rank: 58760 autocounter.idealmedia.io — Cisco Umbrella Rank: 71990	133 KB
6	tiktokcdn.com p16-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 1045 v19-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 31972 p16-sign-useast2a.tiktokcdn.com — Cisco Umbrella Rank: 1276 v16-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 32720	812 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 334 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657 aax.amazon-adsystem.com — Cisco Umbrella Rank: 426	68 KB
6	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 2926 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714 adservice.google.com — Cisco Umbrella Rank: 118	3 KB
6	bidmatic.io files.bidmatic.io — Cisco Umbrella Rank: 908023 player.bidmatic.io — Cisco Umbrella Rank: 79055	55 KB
5	gstatic.com fonts.gstatic.com csi.gstatic.com	31 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 81628 ls.hit.gemius.pl — Cisco Umbrella Rank: 14913	24 KB
4	tiktok.com www.tiktok.com — Cisco Umbrella Rank: 3990 mssdk-va.tiktok.com — Cisco Umbrella Rank: 19909	36 KB
3	ibytedtos.com lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 8773	170 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 imasdk.googleapis.com — Cisco Umbrella Rank: 498	358 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6147 ampcid.google.de — Cisco Umbrella Rank: 81257	931 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	259 KB
2	cosmonova.net analytics.cosmonova.net	21 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6694	1 KB
2	bytedapm.com sf16-short-va.bytedapm.com — Cisco Umbrella Rank: 16400	27 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 54881	2 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 10872	313 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	17 KB
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 48534	349 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 754	277 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 11550	257 B
1	adsinteractive.com bid.adsinteractive.com — Cisco Umbrella Rank: 68366
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 3040
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 13141	2 KB
1	cdnstat.net cdnstat.net — Cisco Umbrella Rank: 293386	702 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	30 KB
1	piano.io api-esp-eu.piano.io — Cisco Umbrella Rank: 74728	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	fakty.com.ua cdn.fakty.com.ua fakty.com.ua Failed	49 KB
1	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 22217	26 KB
401	42

	Domain	Requested by
212	sync.adtelligent.com	127 redirects get.aidrestore.com
168	ib.adnxs.com	168 redirects
48	securepubads.g.doubleclick.net	get.aidrestore.com securepubads.g.doubleclick.net imasdk.googleapis.com
42	rtb.openx.net
34	get.aidrestore.com	1 redirects get.aidrestore.com code.jquery.com
19	live-ictv-02.mw-01.cosmonova-broadcast.tv	live-ictv-02.mw-01.cosmonova-broadcast.tv
13	sf16-website-login.neutral.ttwstatic.com	www.tiktok.com sf16-website-login.neutral.ttwstatic.com get.aidrestore.com sf16-secsdk.ttwstatic.com
10	live-ictv.cdn-03.cosmonova.net.ua	live-ictv-02.mw-01.cosmonova-broadcast.tv
8	mon-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
8	mcs-va-useast2a.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
8	www.google-analytics.com	get.aidrestore.com www.google-analytics.com
7	ghb.adtelligent.com	player.adtelligent.com
6	s.adtelligent.com	imasdk.googleapis.com
5	pagead2.googlesyndication.com	imasdk.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	player.bidmatic.io	get.aidrestore.com player.bidmatic.io
4	gaua.hit.gemius.pl	1 redirects get.aidrestore.com
3	s-img.idealmedia.io
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	lf16-tiktok-common.ibytedtos.com	get.aidrestore.com
3	aux-log.adtelligent.com	player.bidmatic.io
3	c.amazon-adsystem.com	player.adtelligent.com c.amazon-adsystem.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	player.adtelligent.com	get.aidrestore.com player.adtelligent.com
3	www.googletagmanager.com	get.aidrestore.com www.google-analytics.com
2	mon.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
2	analytics.cosmonova.net	live-ictv-02.mw-01.cosmonova-broadcast.tv analytics.cosmonova.net
2	mssdk-va.tiktok.com	sf16-website-login.neutral.ttwstatic.com
2	segment.prod.bidr.io	1 redirects
2	6517501.fls.doubleclick.net	1 redirects get.aidrestore.com
2	vmweb-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
2	v19-web-newkey.tiktokcdn.com	www.tiktok.com
2	sf16-short-va.bytedapm.com	www.tiktok.com sf16-short-va.bytedapm.com
2	p16-sign-va.tiktokcdn.com	www.tiktok.com get.aidrestore.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	imasdk.googleapis.com	player.bidmatic.io imasdk.googleapis.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.tiktok.com	lf16-tiktok-web.ttwstatic.com sf16-website-login.neutral.ttwstatic.com
2	www.google.de	get.aidrestore.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	lf16-tiktok-web.ttwstatic.com	get.aidrestore.com
2	files.bidmatic.io	get.aidrestore.com
2	player.adtcdn.com	get.aidrestore.com
1	live-ictv.cdn-01.cosmonova.net.ua	live-ictv-02.mw-01.cosmonova-broadcast.tv
1	live-ictv.mw-01.cosmonova-broadcast.tv	1 redirects
1	v16-web-newkey.tiktokcdn.com
1	p16-sign-useast2a.tiktokcdn.com
1	adservice.google.com	6517501.fls.doubleclick.net
1	d.adtelligent.com
1	autocounter.idealmedia.io
1	cl.imghosts.com
1	servicer.idealmedia.io	jsc.idealmedia.io
1	mssdk-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
1	c.idealmedia.io	get.aidrestore.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s0.2mdn.net	imasdk.googleapis.com
1	t.trafmag.com	get.aidrestore.com
1	ap.lijit.com	get.aidrestore.com
1	a4p.adpartner.pro	1 redirects
1	bid.adsinteractive.com	get.aidrestore.com
1	cookies.nextmillmedia.com	get.aidrestore.com
1	fonts.gstatic.com	fonts.googleapis.com
1	sf16-secsdk.ttwstatic.com	www.tiktok.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.plyr.io	get.aidrestore.com
1	fonts.googleapis.com	client
1	55a57e9b44b0c73b88dfae876d3445f5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ampcid.google.de	www.google-analytics.com
1	cdnstat.net	get.aidrestore.com
1	googleads.g.doubleclick.net	1 redirects
1	ampcid.google.com	www.google-analytics.com
1	code.jquery.com	get.aidrestore.com
1	jsc.idealmedia.io	get.aidrestore.com
1	ls.hit.gemius.pl	get.aidrestore.com
1	api-esp-eu.piano.io	get.aidrestore.com
1	www.googleadservices.com	get.aidrestore.com
1	cdn.fakty.com.ua	get.aidrestore.com
1	cdn.onthe.io	get.aidrestore.com
0	fakty.com.ua Failed	get.aidrestore.com
401	79

This site contains links to these domains. Also see Links.

Domain
fakty.com.ua
health.fakty.com.ua
life.fakty.com.ua
www.youtube.com
www.facebook.com
twitter.com
telegram.me
unsplash.com
www.tiktok.com
zakon.rada.gov.ua
cdn.fakty.com.ua
t.me
play.google.com
ictv.ua
www.stb.ua
vikna.tv
novy.tv
smachno.ua

Subject Issuer	Validity	Valid
get.aidrestore.com ZeroSSL RSA Domain Secure Site CA	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
adtcdn.com GTS CA 1P5	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.onthe.io Sectigo ECC Domain Validation Secure Server CA	`2023-07-03` - `2024-07-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2023-09-14` - `2024-09-25`	a year	crt.sh
player.adtelligent.com R3	`2023-09-16` - `2023-12-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
files.bidmatic.io R3	`2023-08-18` - `2023-11-16`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-11` - `2023-12-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdnstat.net E1	`2023-09-18` - `2023-12-17`	3 months	crt.sh
player.bidmatic.io R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-29` - `2023-12-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.tiktokcdn.com RapidSSL ECC CA 2018	`2023-07-13` - `2024-08-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.bytedapm.com RapidSSL ECC CA 2018	`2022-12-13` - `2024-01-13`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-06-13` - `2024-07-11`	a year	crt.sh
bid.adsinteractive.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
aux-log.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-03` - `2023-12-02`	3 months	crt.sh
*.tiktokv.com RapidSSL ECC CA 2018	`2023-08-14` - `2024-09-13`	a year	crt.sh
*.byteoversea.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.ibytedtos.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
d.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.mw-01.cosmonova-broadcast.tv R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
analytics.cosmonova.net R3	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.cdn-01.cosmonova.net.ua R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.cdn-03.cosmonova.net.ua R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://get.aidrestore.com/w1/index.html
Frame ID: 4DACF3EE42794C617F15F7BB91DF2FB4
Requests: 132 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 79C2BEF7E36380299FD920D981801638
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Frame ID: 33C3BA7E91F6B61D349FD163D8DDD71D
Requests: 43 HTTP requests in this frame

Frame: https://55a57e9b44b0c73b88dfae876d3445f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 71B9641A9EDEBD2102DE119E304B7C7A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 60D2E8B7DC0C31AD4C47FACD9F17BDA1
Requests: 179 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A2AA21608D4AEFD006FE94ADF5B8FACF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CF3B2CA8EAA8E9E98125727118EEDCC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA81FDFD5D2C1FA5CE0154728A78C109
Requests: 2 HTTP requests in this frame

Frame: https://6517501.fls.doubleclick.net/activityi;dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html
Frame ID: 18480CEC661D84D152DD90C73CF70CAB
Requests: 2 HTTP requests in this frame

Frame: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Frame ID: 8AD3D15E929E4350ED08513DF5EC0493
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Допомога українцям, які залишилися в Україні: шахрайські схеми 2023

Page URL History Show full URLs

https://get.aidrestore.com/ HTTP 302
https://get.aidrestore.com/w1/index.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

401
Requests

65 %
HTTPS

42 %
IPv6

42
Domains

79
Subdomains

69
IPs

10
Countries

8192 kB
Transfer

20175 kB
Size

33
Cookies

135 Outgoing links

These are links going to different origins than the main page.

URL: https://fakty.com.ua/ua/

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ru/ukraine/suspilstvo/20231013-dopomoga-ukrayinczyam-yaki-zalyshylysya-v-ukrayini-chy-vyplachuyetsya-ta-yak-vidriznyty-vid-shahrajstva/
Title: � ус

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/?s=

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/igry/
Title: Ігри

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/donate/
Title: Підтримати

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/
Title: Україна

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/novyny-kyyeva/
Title: Київ

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/harkiv/
Title: Харків

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/odesa/
Title: Одеса

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/lviv/
Title: Львів

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/dnipro/
Title: Дніпро

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/zaporizhzhya/
Title: Запоріжжя

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/donbas/
Title: Донбас

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/krym/
Title: Крим

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/special/vijna-v-ukrayini/
Title: Війна

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/karta/
Title: Карти

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/polituka/
Title: Політика

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/verhovna-rada/
Title: Верховна � ада

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/kabmin/
Title: Кабмін

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/ofis-prezydenta/
Title: Офіс президента

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/vybory-2019/
Title: Вибори

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/suspilstvo/
Title: Суспільство

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/opytuvannya/
Title: Опитування

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/osvita/
Title: Освіта

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/ekonomika/
Title: Економіка

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/biznes-v-ukrayini/
Title: Бізнес

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/neruhomist/
Title: Нерухомість

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/transport/
Title: Транспорт

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/komunalni-platezhi/
Title: Комуналка

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/robota/
Title: � обота

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/proisshestvija/
Title: Надзвичайні події

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/svit/
Title: Світ

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/
Title: Здоров’я

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/psykholohiia/
Title: Психологія

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/dity/
Title: Діти

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/medohliad/
Title: Медогляд

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/medohliad/kartatila/
Title: Карта тіла

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/medohliad/konsultatsiia/
Title: Консультація

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/tilo/
Title: Тіло

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/tilo/yizha/
Title: Їжа

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/tilo/rukhaiemos/
Title: � ухаємось

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/tilo/seks/
Title: Секс

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/tilo/krasa/
Title: Краса

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/napulsi/
Title: На пульсі

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/napulsi/aktualno/
Title: Актуально

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/napulsi/vaktsynatsiia/
Title: Вакцинація

Search URL Search Domain Scan URL

URL: https://health.fakty.com.ua/ua/napulsi/porady/
Title: Поради

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/showbiz/
Title: Шоу-бізнес

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/showbiz/kino-ta-serialy/
Title: Кіно та серіали

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/showbiz/moda/
Title: Мода

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/showbiz/muzyka/
Title: Музика

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/showbiz/persony/
Title: Персони

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/showbiz/tb/
Title: ТБ

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/tekhnolohii/
Title: Технології

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/tekhnolohii/internet/
Title: Інтернет

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/tekhnolohii/hadzhety/
Title: Гаджети

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/tekhnolohii/kosmos/
Title: Космос

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/avto/
Title: Авто

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/vidpochynok/
Title: Відпочинок

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/sviata/
Title: Свята в Україні

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/astrolohiia/
Title: Астрологія

Search URL Search Domain Scan URL

URL: https://life.fakty.com.ua/ua/lifehack/
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/sport/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/futbol/
Title: Футбол

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/boks/
Title: Бокс

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/tenis/
Title: Теніс

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/opinion/
Title: Думки

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/special/
Title: Спецтеми

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/longreads/
Title: Лонгріди

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/infographic/
Title: Інфографіка

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/videos/
Title: Відео

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@FaktyICTVchannel/featured
Title: Телемарафон

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/fakty-vupuski/
Title: Випуски

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/live/
Title: Онлайн

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/news#popular
Title: Популярні

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/proisshestvija/20231012-u-sevastopoli-pidirvavsya-velykyj-storozhovyj-korabel-pavel-derzhavyn-shho-vidomo/
Title: У Севастополі підірвався великий сторожовий корабель Павел Державин – що відомо

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/proisshestvija/20231012-nayev-opivnochi-na-sumshhynu-prorvalas-grupa-dyversantiv/
Title: Наєв: Опівночі на Сумщину прорвалась група диверсантів

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/proisshestvija/20231010-v-odesi-lunayut-potuzhni-vybuhy-tryvaye-povitryana-tryvoga-na-pivdni-ukrayiny/
Title: Терміново Шахеди поцілили в логістичну інфраструктуру Одещини – ОВА

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/proisshestvija/20231011-iskandery-po-grozi-navely-dva-braty-kolaboranty-sbu/
Title: Іскандери по Грозі навели два брати-колаборанти – СБУ

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/proisshestvija/20231012-nichna-ataka-droniv-v-umani-pered-vidboyem-bulo-chuty-vybuhy/
Title: Один дрон збили, інший спровокував пожежу: що відомо про атаку БпЛА на Черкащині

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/by/anna-golishevska/
Title: Анна Голішевська

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Ffakty.com.ua%2Fua%2Fukraine%2Fsuspilstvo%2F20231013-dopomoga-ukrayinczyam-yaki-zalyshylysya-v-ukrayini-chy-vyplachuyetsya-ta-yak-vidriznyty-vid-shahrajstva%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Ffakty.com.ua%2Fua%2Fukraine%2Fsuspilstvo%2F20231013-dopomoga-ukrayinczyam-yaki-zalyshylysya-v-ukrayini-chy-vyplachuyetsya-ta-yak-vidriznyty-vid-shahrajstva%2F&title=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0+%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C+%D1%8F%D0%BA%D1%96+%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F+%D0%B2+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A+%D1%87%D0%B8+%D0%B2%D0%B8%D0%BF%D0%BB%D0%B0%D1%87%D1%83%D1%94%D1%82%D1%8C%D1%81%D1%8F+%D1%82%D0%B0+%D1%8F%D0%BA+%D0%B2%D1%96%D0%B4%D1%80%D1%96%D0%B7%D0%BD%D0%B8%D1%82%D0%B8+%D0%B2%D1%96%D0%B4+%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%82%D0%B2%D0%B0

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url/?url=https%3A%2F%2Ffakty.com.ua%2Fua%2Fukraine%2Fsuspilstvo%2F20231013-dopomoga-ukrayinczyam-yaki-zalyshylysya-v-ukrayini-chy-vyplachuyetsya-ta-yak-vidriznyty-vid-shahrajstva%2F&text=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0+%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C+%D1%8F%D0%BA%D1%96+%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F+%D0%B2+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A+%D1%87%D0%B8+%D0%B2%D0%B8%D0%BF%D0%BB%D0%B0%D1%87%D1%83%D1%94%D1%82%D1%8C%D1%81%D1%8F+%D1%82%D0%B0+%D1%8F%D0%BA+%D0%B2%D1%96%D0%B4%D1%80%D1%96%D0%B7%D0%BD%D0%B8%D1%82%D0%B8+%D0%B2%D1%96%D0%B4+%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%82%D0%B2%D0%B0

Search URL Search Domain Scan URL

URL: https://unsplash.com/photos/ZQhkkCaVKFM
Title: Unsplash

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cqfznmvdslh/video/7287902454035778822?lang=uk-UA
Title: голоси відомих телеведучих

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@dolars003/video/7285337384185597189?lang=uk-UA
Title: заголовки

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@ukrainee_5/video/7284944676606446853?lang=uk-UA
Title: швидкі методи отримання

Search URL Search Domain Scan URL

URL: https://zakon.rada.gov.ua/laws/show/332-2022-%D0%BF#n54
Title: Державна допомога

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@dolars003?lang=uk-UA
Title: відео

Search URL Search Domain Scan URL

URL: https://cdn.fakty.com.ua/wp-content/uploads/2023/10/10/1.jpeg

Search URL Search Domain Scan URL

URL: https://cdn.fakty.com.ua/wp-content/uploads/2023/10/10/2.jpeg

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/link/v2?aid=1988&lang=uk-UA&scene=bio_url&target=https%3A%2F%2Ft.me%2F%2BMPROmUVVWA40ZDIy
Title: Telegram

Search URL Search Domain Scan URL

URL: https://cdn.fakty.com.ua/wp-content/uploads/2023/10/10/3.jpeg

Search URL Search Domain Scan URL

URL: https://cdn.fakty.com.ua/wp-content/uploads/2023/10/10/4.jpeg

Search URL Search Domain Scan URL

URL: https://cdn.fakty.com.ua/wp-content/uploads/2023/10/10/5.jpeg

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/suspilstvo/20230711-telefonuyut-ta-povidomlyayut-pro-pryznachennya-vyplat-v-ukrayini-praczyuye-shahrajska-kompaniya-shhaslyvyj-dim/
Title: Телефонують та повідомляють про призначення виплат: в Україні працює шахрайська компанія Щасливий дім

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/internet-shahrajstvo/
Title: Інтернет-шахрайство

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/vyplaty/
Title: виплати

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/vpo/
Title: ВПО

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/sotsialni-vyplaty/
Title: Соціальні виплати

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/tag/shahrajstvo/
Title: шахрайство

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/suspilstvo/20231012-yak-rozdrukuvaty-dovidku-vpo-z-diyi-pokrokova-instrukcziya/
Title: Як роздрукувати довідку ВПО з Дії: покрокова інструкція

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/suspilstvo/20231011-na-yaki-pilgy-ta-vyplaty-mozhut-rozrahovuvaty-kavalery-ordenu-za-muzhnist-iii-stupenya-rozpovidaye-yuryst/
Title: На які пільги та виплати можуть розраховувати кавалери ордену За мужність III ступеня – розповідає юрист

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/ekonomika/20231011-dekretna-vidpustka-2023-skilky-otrymuyut-vagitni-zhinky-ta-yak-rozrahuvaty-rozmir-dopomogy/
Title: Декретна відпустка 2023: скільки отримують вагітні жінки та як розрахувати розмір допомоги

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/suspilstvo/20231011-alimenty-v-ukrayini-2022-yakyj-rozmir-vyplat/
Title: Аліменти в Україні 2023: який розмір виплат

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/ukraine/suspilstvo/20231010-dopomoga-vid-estoniyi-2023-rozmir-ta-yak-otrymaty/
Title: Допомога від Естонії 2023: розмір та як отримати

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/videos/pidsumky-ramshtajnu-16-yaku-dopomogu-otrymaye-ukrayina/
Title: Підсумки � амштайну-16: яку допомогу отримає Україна Напередодні у Бельгії відбувся перший особистий виступ Володимира Зеленського на контактній зустрічі у форматі � амштайн. 12 Жовтня, 18:11 •

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/by/natalya-lutsenko/
Title: Наталя Луценко

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/videos/najbilshyj-proval-speczsluzhb-chomu-izrayil-ne-buv-gotovyj-do-ataky-hamasu/
Title: Найбільший провал спецслужб: чому Ізраїль не був готовий до атаки ХАМАСу

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/videos/neskinchenni-pohorony-u-seli-groza-zagyblyh-hovayut-czilymy-rodynamy/
Title: Нескінченні похорони у селі Гроза: загиблих ховають цілими родинами

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/videos/u-kyyevi-poproshhalys-iz-ninoyu-matviyenko-obstril-nikopolya-novyny-fakty-ictv-za-11-10-2023/
Title: У Києві попрощались із Ніною Матвієнко | Обстріл Нікополя | Новини Факти ICTV за 11.10.2023

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/videos/evakuacziya-ukrayincziv-iz-gazy-dopomogu-ssha-podilyat-mizh-novyny-fakty-ictv-za-11-10-2023/
Title: Евакуація українців із Гази | Допомогу США поділять між… | Новини Факти ICTV за 11.10.2023

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/about_site/
Title: Про Факти

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/longreads/redyzajn-sajtu/
Title: Про сайт

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/hosts-and-journalists/
Title: Ведучі та журналісти

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/editors/
Title: � едакція сайту

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/reklama/
Title: � еклама

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/kontakty/
Title: Зв’язатися з нами

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Fakty.ICTV/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://t.me/FAKTY_ICTV
Title: Telegram

Search URL Search Domain Scan URL

URL: https://twitter.com/ICTV_Fakty
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/FaktyICTVchannel
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@fakty.ictv
Title: Tik-tok

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.ictv
Title: Факти Android

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/feed/
Title: RSS

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/push-povidomlennya/
Title: PUSH-повідомлення

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/pravyla-korystuvannya-sajtom/
Title: Правила користування сайтом

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/privacy_policy/
Title: Політика конфіденційності

Search URL Search Domain Scan URL

URL: https://ictv.ua/ua/

Search URL Search Domain Scan URL

URL: https://www.stb.ua/ua/

Search URL Search Domain Scan URL

URL: https://vikna.tv/

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/

Search URL Search Domain Scan URL

URL: https://smachno.ua/ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://get.aidrestore.com/ HTTP 302
https://get.aidrestore.com/w1/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&label=-6YeCPaJrrMDEIKStMYo&hn=www.googleadservices.com&frm=0&tiba=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20&value=0&auid=1754772136.1697252547&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wwQqZYSTJYWT7_UP6fOHiAE&sscte=1&crd=&eitems=ChAI8NWjqQYQ6uSvg5OO0-58Eh0AG0dcVh2k3LJSsV10_sMqAE0zO6XnSb3xrp0l8g&pscrd=Ek9DaEVJOE5XanFRWVEyT0wtdUxuaWxKdWlBUkltQUJWM2dUdkoydFY3bXFRZlRWc3V0Z1JIY01BTlBPanBGbk5Cck9jdDdtUG9FMng4OWJ3GlhDaEFJOE5XanFRWVFpbzZxdFpxbXNvY29FaTRBY2Y0M0ZLbERkQzhFWmxMM3ZaWk9HNXFOeUMxR3JKT2xadDQ3MEdUUlpoaFBMeDBSSm4wdGNBbFpJaVZlIhMIxIDHucb0gQMVhcm7CB3p-QER HTTP 302
https://www.google.com/pagead/1p-conversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&label=-6YeCPaJrrMDEIKStMYo&hn=www.googleadservices.com&frm=0&tiba=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20&value=0&auid=1754772136.1697252547&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5XanFRWVEyT0wtdUxuaWxKdWlBUkltQUJWM2dUdkoydFY3bXFRZlRWc3V0Z1JIY01BTlBPanBGbk5Cck9jdDdtUG9FMng4OWJ3GlhDaEFJOE5XanFRWVFpbzZxdFpxbXNvY29FaTRBY2Y0M0ZLbERkQzhFWmxMM3ZaWk9HNXFOeUMxR3JKT2xadDQ3MEdUUlpoaFBMeDBSSm4wdGNBbFpJaVZlIhMIxIDHucb0gQMVhcm7CB3p-QER&is_vtc=1&ocp_id=wwQqZYSTJYWT7_UP6fOHiAE&eitems=ChAI8NWjqQYQ6uSvg5OO0-58Eh0AG0dcVmUlM16Qg4dgtrjwY2hJprczV4zAvJDs4A&random=363857356 HTTP 302
https://www.google.de/pagead/1p-conversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&label=-6YeCPaJrrMDEIKStMYo&hn=www.googleadservices.com&frm=0&tiba=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20&value=0&auid=1754772136.1697252547&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5XanFRWVEyT0wtdUxuaWxKdWlBUkltQUJWM2dUdkoydFY3bXFRZlRWc3V0Z1JIY01BTlBPanBGbk5Cck9jdDdtUG9FMng4OWJ3GlhDaEFJOE5XanFRWVFpbzZxdFpxbXNvY29FaTRBY2Y0M0ZLbERkQzhFWmxMM3ZaWk9HNXFOeUMxR3JKT2xadDQ3MEdUUlpoaFBMeDBSSm4wdGNBbFpJaVZlIhMIxIDHucb0gQMVhcm7CB3p-QER&is_vtc=1&ocp_id=wwQqZYSTJYWT7_UP6fOHiAE&eitems=ChAI8NWjqQYQ6uSvg5OO0-58Eh0AG0dcVmUlM16Qg4dgtrjwY2hJprczV4zAvJDs4A&random=363857356&ipr=y

Request Chain 64

https://gaua.hit.gemius.pl/_1697252547898/rexdot.js?l=100&sendf=24&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dnnXNwU7XDfAhYMWW95j41Se01wbgfZEJzj1tnwb1Mb.n7bODdqmIaKlVBPcFTej_V_7OVnOSLS06mAbux6HdbMFEioQ/oudP2RUJBNuLK/&fpdata=A9WMkTe34gQzDpb9E.CWCcySafd8yjC5.FOAYhTEnqz.N7&ltime=796&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=652a04c2276cb414&brts=1697252547&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1697252547898/rexdot.js?l=100&sendf=24&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dnnXNwU7XDfAhYMWW95j41Se01wbgfZEJzj1tnwb1Mb.n7bODdqmIaKlVBPcFTej_V_7OVnOSLS06mAbux6HdbMFEioQ/oudP2RUJBNuLK/&fpdata=A9WMkTe34gQzDpb9E.CWCcySafd8yjC5.FOAYhTEnqz.N7&ltime=796&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=652a04c2276cb414&brts=1697252547&fpcap=

Request Chain 116

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=12b7c219-3fca-48ad-a1e2-9610e239dd69

Request Chain 118

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=5c68ccd97b028698

Request Chain 156

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 157

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 158

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 160

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 161

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 162

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 163

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 164

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 165

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 166

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 167

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 168

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 169

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 170

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 171

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 172

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 173

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 174

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 177

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 178

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 179

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 209

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 210

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 211

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 212

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 213

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 214

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 215

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 216

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 217

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 218

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 219

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 220

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 221

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 222

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 223

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 224

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 225

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 226

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 230

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 231

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 232

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 237

https://6517501.fls.doubleclick.net/activityi;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html HTTP 302
https://6517501.fls.doubleclick.net/activityi;dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html

Request Chain 238

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1

Request Chain 251

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 252

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 253

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 254

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 255

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 256

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 257

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 258

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 259

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 260

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 261

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 262

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 263

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 264

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 265

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 267

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 268

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 269

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 273

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 274

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 275

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 278

https://live-ictv.mw-01.cosmonova-broadcast.tv/player?autoplay=true HTTP 302
https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true

Request Chain 289

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 290

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 291

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 292

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 293

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 294

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 295

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 296

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 297

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 298

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 299

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 300

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 301

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 302

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 303

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 304

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 305

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 306

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 307

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 308

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 309

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 341

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 342

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 343

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 344

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 345

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 346

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 347

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 348

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 349

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 350

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 351

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 352

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 353

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 354

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 355

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 356

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 357

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 358

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 364

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 365

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 366

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 380

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 381

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 382

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 383

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 384

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 385

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 386

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 387

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 388

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 389

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 390

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 391

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 392

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 393

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 394

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 395

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 396

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 397

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

Request Chain 399

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

Request Chain 400

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D309255%2526extuid%253D%2524%257BUID%257D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

Request Chain 401

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

401 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
get.aidrestore.com/w1/
Redirect Chain

https://get.aidrestore.com/
https://get.aidrestore.com/w1/index.html

248 KB
48 KB

43ms
42ms

Document
text/html

2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6bb8d4d7ea931562e91509fc2ef781a07e3057d01db71802b5f8ddf39eba5502

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 48686
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sat, 14 Oct 2023 03:02:26 GMT
etag: "3e0a3-6529f580-19f3ee9f1ee5a83;br"
last-modified: Sat, 14 Oct 2023 01:57:20 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 03:02:26 GMT
location: w1/index.html
platform: hostinger
server: LiteSpeed
x-powered-by: PHP/8.1.22

GET
H2 200 xgemius.js Show response
get.aidrestore.com/w1/js/ 46 KB
12 KB 62ms
61ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/xgemius.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bba353679a3866d7ab5a3312dade07c3fded2e626423ed686a76b7496b0d0242

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "b819-6529f583-f6dd66aa17ac0aab;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11777
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H2 200 gtm.js Show response
get.aidrestore.com/w1/js/ 266 KB
83 KB 70ms
69ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/gtm.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6d4633126f96b944cb7d1beee10a7b2602ec2bc6e9e0fe8d350e6dd7acaad8fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "428a9-6529f583-a46ef2c6f001c9c2;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 85266
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
96 KB 678ms
47ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMS7G77

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bf1afac1d651978906520edd4162be71de95b96047e42a14f87151a1cfb92cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 03:02:27 GMT

GET
H2 200 hb_266844_811.js Show response
player.adtcdn.com/prebidlink/471459/ 944 B
813 B 811ms
191ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/471459/hb_266844_811.js
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9505938b9a195a344f5ac26e5b162d75f4014b93f8aa1a8181180ee017191239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 12 Oct 2023 17:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65282780-3b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUjBH1RKY6F1MjMtHelwKAFlTiLseILeneYuvMapeRB2nl4hP%2FrRKNYThmUFrK4vVtZLXgxgw5%2BxQV0c%2BLAIrY4IqyPoO%2BbUsF2%2B7ESNRfmxdrKiWajd0wrSvDkNZvzjfk6zmwCvwIDccoqqsCu%2FRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 815c95665b6c9225-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Oct 2023 03:17:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 173ms
75ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0406a8ea4f9ad15938e0dffcac791c69f3e645e4fad41a60ee21ec6b5d61094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29185
x-xss-protection: 0
server: cafe
etag: 507 / 19644 / 31078828 / config-hash: 16770446656291207178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 03:02:26 GMT

GET
H2 200 wrapper_hb_266844_811.js Show response
player.adtcdn.com/prebidlink/471459/ 2 KB
1 KB 807ms
187ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/471459/wrapper_hb_266844_811.js
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d10348c58f3bb013b99ca02fd501a614a50290547bc52f2187a4fb1e6cfd62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 12 Oct 2023 17:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65282780-867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY0A%2FBYlOnVw1GLfpzjcv4EYFqZMGHJO9qeervRw38hlPovcZpDkDlz39IewlmFNKWSFA%2BMk7FM4WN%2BV1jitQKMt%2FOtepEUhX3OQjrz9922WZcJtaok9lJbXZSCkR1rY1wQyZSMqTxDen6dnc0rKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 815c95665b6d9225-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 14 Oct 2023 03:17:27 GMT

GET
H3 200 hb_266844_811.js Show response
get.aidrestore.com/w1/js/ 908 B
805 B 46ms
45ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/hb_266844_811.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b4d1c0ff466f2f792783cfeed6069dbafd435f92237841e554b4dc673b00545c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "38c-6529f583-d3ac0097d960e3f7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 449
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 gpt.js Show response
get.aidrestore.com/w1/js/ 96 KB
28 KB 51ms
50ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/gpt.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

33aa4f83800a699238869702a6a56ec611684fb3592e42f5165d3cdf1b877773

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "17fab-6529f583-8e184dc11054550b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28318
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 wrapper_hb_266844_811.js Show response
get.aidrestore.com/w1/js/ 2 KB
923 B 54ms
52ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/wrapper_hb_266844_811.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5bc5737d832b26ccb0f1f4d51999f8bc42eaa2a7935d920f6186ee9c6e580a9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "856-6529f583-fa23d28a430a086e;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 871
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H/1.1 200
OK VQQFD6QvyvUn Show response
cdn.onthe.io/io.js/ 68 KB
26 KB 658ms
21ms Script
text/javascript 116.203.212.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 116.203.212.0 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.212.203.116.clients.your-server.de
Software: nginx /
Resource Hash: 8b62de03068904e1e690299925e027ad3cbdb24caefb76c40622d4d24dee8768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 09:17:47 GMT
Server: nginx
ETag: W/"61a5ec3b-110e8"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sun, 15 Oct 2023 03:02:27 GMT

GET
H3 200 integrator.min.js Show response
get.aidrestore.com/w1/js/ 58 KB
16 KB 46ms
39ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/integrator.min.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

49223159698b68891323f82dd08cdfa99876675b3933ebf3b243df54a31a2552

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "e842-6529f583-b4d9df442b700d25;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 16837
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H2 200 0-632x356.jpeg
cdn.fakty.com.ua/wp-content/uploads/2023/10/10/ 48 KB
49 KB 809ms
170ms Image
image/webp 2606:4700:20::ac43:4468
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fakty.com.ua/wp-content/uploads/2023/10/10/0-632x356.jpeg
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4468 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1423256e88ae5abfc93d256b2b9af5155d8c7738a2a7387ced72f8947366be63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 14 Oct 2023 03:02:27 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=54513
content-disposition: inline; filename="0-632x356.webp"
content-length: 49492
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Oct 2023 11:42:40 GMT
server: cloudflare
etag: "652538b0-d4f1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O26KoNh6GqCvk7ulyz1Y5CJ4fVv23q4TPWglZnc%2FV%2Fbs9jVni6ejDORLWJV%2FSTMQnqipDO9MFINbi7cKJ%2FJFr5Q7uZ1rOToto7mZtxkiq%2F3jsY6135Py7WgAvdvQ%2FUOz41umJd%2F7jZllDDKpew4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 815c95667ff86964-FRA
expires: Sat, 14 Oct 2023 04:02:27 GMT

GET Inter-Regular.woff2
fakty.com.ua/wp-content/themes/fkt/dist/fonts/ 0
0

GET Inter-SemiBold.woff2
fakty.com.ua/wp-content/themes/fkt/dist/fonts/ 0
0

GET Inter-Bold.woff2
fakty.com.ua/wp-content/themes/fkt/dist/fonts/ 0
0

GET
H3 200 sdk.js Show response
get.aidrestore.com/w1/js/ 44 KB
13 KB 56ms
51ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/sdk.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8dbbc199d667fe79425f746a9a4a3be0af7e42d75ce2082710948faf007b079c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "ae92-6529f583-1335849e61047775;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 12972
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 0-632x356.jpeg
get.aidrestore.com/w1/images/ 49 KB
50 KB 55ms
40ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/0-632x356.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

97ba96015f89109ed49c2f6c3dccc4f0ddd168c8adb8de8d2f25f1898a212bc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:20 GMT
server: LiteSpeed
etag: "c5c0-6529f580-42029f2e15c5e6af;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 50624
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 embed_v1.0.11.js Show response
get.aidrestore.com/w1/js/ 42 KB
13 KB 56ms
51ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/embed_v1.0.11.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

aeb326fe39cd7c553456564c31fa935d11b567785d9bbaa9ba60225e9319528b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "a7bb-6529f583-9233ad35466a254a;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 13381
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 1.jpeg
get.aidrestore.com/w1/images/ 103 KB
103 KB 69ms
54ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/1.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

948eaba16b885ca4a8cb13f0c402e5f5a4cddcf030e4f301d189ecae1fbe9c22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:20 GMT
server: LiteSpeed
etag: "19ce1-6529f580-b05a29fab8468f1d;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 105697
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 fakty.ictv.ua.1438379.js Show response
get.aidrestore.com/w1/js/ 4 KB
1 KB 57ms
51ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/fakty.ictv.ua.1438379.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9262e839f4c7c9b5e1cb0deba52da92e24a970538d9cc27a50d209c9dd626319

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "e35-6529f583-fc92c192b7195a65;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1194
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 error-content-fakty.css
get.aidrestore.com/w1/css/ 3 KB
1 KB 41ms
41ms Stylesheet
text/css 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/css/error-content-fakty.css

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c591934172d5a7679c8d5bb51ea2f631f7e3839626f5e186bcf05034878b76c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:20 GMT
server: LiteSpeed
etag: "d36-6529f580-f7887376511335c3;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1339
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 index.js Show response
get.aidrestore.com/w1/js/ 3 KB
1 KB 62ms
56ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/index.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e2a55d8b61c7ca7f343862f3899b5ca2c24a7946ddf5d99c462e3b4fb60ce32c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "deb-6529f583-4c6578d92f72b304;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1086
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 lazyLoad.js Show response
get.aidrestore.com/w1/js/ 5 KB
1 KB 58ms
52ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/lazyLoad.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

437fb8f9e914698b2ec863a3c7159d9117c3f7b4ee4f08bf55e5db086b4b8628

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "1201-6529f583-afd6726039993de1;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1367
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 article.js Show response
get.aidrestore.com/w1/js/ 57 KB
15 KB 59ms
53ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/article.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

89330d11a8f55e01099ad6c42811784812a7633b989f5da7004929814f838269

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "e205-6529f583-979ab509e6a7f79a;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 15232
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 articleAjaxHeadline.js Show response
get.aidrestore.com/w1/js/ 72 KB
20 KB 39ms
39ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/articleAjaxHeadline.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

40b67984996e8900f9ac7c38ec2954f50c7394411c3d785d9eb1ae4f419cc2dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "11e87-6529f583-ce8173903d72aeb2;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 20764
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 vi-abtest.js Show response
get.aidrestore.com/w1/js/ 1 KB
493 B 41ms
40ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/vi-abtest.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bdb4df87183382ee675e7b7abeddcad14ca9823c25c3c7594d3804ad7f4ce475

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "462-6529f583-7e8cbfc1adacda9;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 442
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H3 200 main.js Show response
get.aidrestore.com/w1/js/ 2 KB
687 B 41ms
39ms Script
application/x-javascript 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/js/main.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

342b70afd8bfc82906c029aa5c8017bd9f184d3799acdd845e8be57772825e01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "711-6529f583-b01ae5648bfff107;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 635
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 283 B
646 B 694ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=get.aidrestore.com
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: dbdf0e4d620bf3b669c47bdf60885c03a80275cac576951a9cb863d6e37854db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 283
expires: Mon, 13 Nov 2023 03:02:27 GMT

GET
H2 200 hbp_master_266844_811.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 440 KB
138 KB 671ms
35ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_266844_811.js
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/hb_266844_811.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7656678023208dea7de0ed07aceb3d4f5edf6171f002e97b792618863323a10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Sun, 15 Oct 2023 03:02:27 GMT
date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2023 06:19:32 GMT
server: nginx
etag: W/"651fa6f4-6e0c9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/ 420 KB
132 KB 50ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 13 Oct 2023 10:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58772
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134786
x-xss-protection: 0
server: cafe
etag: 13749274744457858240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Oct 2024 10:42:54 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 40 B
583 B 74ms
24ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=get.aidrestore.com

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69113c0e84a726b187354203565f678b58b6163701efec6e6380ef02a52792b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41
x-xss-protection: 0
expires: Sat, 14 Oct 2023 03:02:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 658ms
23ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 01:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4365
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 14 Oct 2023 03:49:42 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10885073154/ 3 KB
2 KB 678ms
43ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10885073154/?random=1697252546766&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&label=-6YeCPaJrrMDEIKStMYo&hn=www.googleadservices.com&frm=0&tiba=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20&value=0&bttype=purchase&auid=1754772136.1697252547&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ac1c7a65b75de20df65470d4902f38023bc4a0e046929e0ba63c071aafcd11bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 699ms
73ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-57RZ078QNH&l=dataLayer&cx=c

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5427b201e73d5c81238ce14de4badd9d0a724e8f7cbe55f61e2b03d5d7cdf74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 03:02:27 GMT

GET
H2 200 hbw_master_266844_811.js Show response
player.adtelligent.com/prebidlink/Kqn1V/ 200 KB
47 KB 79ms
79ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/wrapper_hb_266844_811.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 358c537a7111049614be1a5320eff95ea8fc7a0a696be8ca8aba53715d1559e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Sun, 15 Oct 2023 03:02:27 GMT
date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 17:06:08 GMT
server: nginx
etag: W/"65282780-321af"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 67 KB
19 KB 38ms
38ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: f4852c9989535b26a978711ee9cd8e88638600d206e25a00fd49355b14736ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:58:36 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 19409
expires: Sat, 14 Oct 2023 15:02:27 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c84c4aad06938ac68ac600fd49f8aabab04dd2d01c709ce5a60e1c6032dfa709

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sdk.js Show response
api-esp-eu.piano.io/public/sdk/v04/ 43 KB
14 KB 103ms
34ms Script
application/javascript 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 135199
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 13:02:11 GMT
server: cloudflare
etag: W/"1bbec-189b65773f0"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 815c95670d0939e6-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sun, 13 Oct 2024 03:02:27 GMT

GET
DATA 200
OK truncated
/ 396 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25ed710c5c08b3eb5102ecbba0e12a27431aea1743cd5934ca1304293df57fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 gzar3yX7Jl0-sddefault.jpg
get.aidrestore.com/w1/images/ 49 KB
49 KB 41ms
40ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/gzar3yX7Jl0-sddefault.jpg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

683333e3e22d42e0b0e9e769a8e2dae6904ea75670b8fedfcf18c50fbddbcd69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:26 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:22 GMT
server: LiteSpeed
etag: "c308-6529f582-73bb1d4e0bd381aa;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 49928
expires: Sat, 21 Oct 2023 03:02:26 GMT

GET
DATA 200
OK truncated
/ 589 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aa826bcffa98b1dde25c4c6a3ad104ddaf7fd0241c229e5b13a8149aa6e164c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 316 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd91c48149a390760c11b12d3e05f0e1ca24129eab37a03cb9a27cd33b35f449

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Inter-SemiBold.woff2
get.aidrestore.com/w1/fonts/ 22 KB
22 KB 47ms
43ms Font
font/woff2 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/fonts/Inter-SemiBold.woff2

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3f874f5d64bf52611e97f98c9f8e869354837cbb961dac846aa356d237c98055

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://get.aidrestore.com/w1/index.html
Origin: https://get.aidrestore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:20 GMT
server: LiteSpeed
etag: "584c-6529f580-e491b366b0a41b8e;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 22604
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 Inter-Regular.woff2
get.aidrestore.com/w1/fonts/ 21 KB
21 KB 56ms
53ms Font
font/woff2 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/fonts/Inter-Regular.woff2

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4152910b13961b0102aa8bcf50d5f02c7def843989cfd0f146d98cc6baa4cec7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://get.aidrestore.com/w1/index.html
Origin: https://get.aidrestore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:20 GMT
server: LiteSpeed
etag: "52e4-6529f580-1e33a1fa78a5182f;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21220
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 Inter-Bold.woff2
get.aidrestore.com/w1/fonts/ 22 KB
22 KB 84ms
81ms Font
font/woff2 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/w1/fonts/Inter-Bold.woff2

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ddf9968abe307e0e2e966fe44ec381516ad99d9073203dec541e0e7b9904710d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://get.aidrestore.com/w1/index.html
Origin: https://get.aidrestore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:20 GMT
server: LiteSpeed
etag: "588c-6529f580-a468e489bf0475e8;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 22668
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 2.jpeg
get.aidrestore.com/w1/images/ 125 KB
125 KB 56ms
40ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/2.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5e49da4053e090df0cae812179c65e9b49915e8081655d92eacdaeadfd2b49be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:21 GMT
server: LiteSpeed
etag: "1f248-6529f581-65ef79391e199287;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 127560
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 3.jpeg
get.aidrestore.com/w1/images/ 21 KB
21 KB 78ms
62ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/3.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

41f4986a05b867fd17b4569e8ed575ccb37a5e225373dd081d6eb425a97209b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:21 GMT
server: LiteSpeed
etag: "547a-6529f581-a4283ec109b2dde6;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21626
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 4.jpeg
get.aidrestore.com/w1/images/ 40 KB
40 KB 97ms
81ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/4.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

373d207f564c4107239edf636155370438a37dd81fa768e86c35f8474318d145

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:21 GMT
server: LiteSpeed
etag: "9f1b-6529f581-2846df7e5107936a;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 40731
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 5.jpeg
get.aidrestore.com/w1/images/ 110 KB
110 KB 120ms
104ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/5.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

18e951b83864d4449c50d525059d590050472172b9bc5da318117d5063c191d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:21 GMT
server: LiteSpeed
etag: "1b77b-6529f581-5f99005c23d6a57c;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 112507
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 diya-e1690543766360-200x113.jpeg
get.aidrestore.com/w1/images/ 5 KB
5 KB 123ms
108ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/diya-e1690543766360-200x113.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

badcecc1ba070d3798e5baa16b846ff09359d82fa168c0ec66210d3d4265e35e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:21 GMT
server: LiteSpeed
etag: "14da-6529f581-cbd8e3a619efb9f9;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5338
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 ukrayinski-vijskovi-300x169.jpg
get.aidrestore.com/w1/images/ 9 KB
9 KB 125ms
110ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/ukrayinski-vijskovi-300x169.jpg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e4b78af54754716d1fd791a952b01db1fa5f0004bdf25efcf7f85661fad58e53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:23 GMT
server: LiteSpeed
etag: "2471-6529f583-ec67e938d0b5a298;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9329
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 father-g51cbb4802_1280-2-200x113.jpg
get.aidrestore.com/w1/images/ 6 KB
6 KB 122ms
111ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/father-g51cbb4802_1280-2-200x113.jpg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

96496b75f7f73ce0b91a714e861fbadc655056c0d47d85c71d17c4a7e8c2e10d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:22 GMT
server: LiteSpeed
etag: "1660-6529f582-3dfb16297ea8ee67;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5728
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 depositphotos_315251422_xl-1-300x169.jpg
get.aidrestore.com/w1/images/ 7 KB
8 KB 122ms
111ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/depositphotos_315251422_xl-1-300x169.jpg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

64264260a51de96cea8d2583d39bfe8455cde9c1f4257707a7b8905c00d716e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:21 GMT
server: LiteSpeed
etag: "1df9-6529f581-35e95d10a70a55e;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 7673
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H3 200 nout-200x113.jpeg
get.aidrestore.com/w1/images/ 6 KB
6 KB 123ms
112ms Image
image/jpeg 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.aidrestore.com/w1/images/nout-200x113.jpeg

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

26785e70600dba464ae93812a1a1b53e29312999886d3f7dae11c9684bc2ae28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/w1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 01:57:22 GMT
server: LiteSpeed
etag: "1740-6529f582-993b84c44a41f35e;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5952
expires: Sat, 21 Oct 2023 03:02:27 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 79C2 5 KB
3 KB 133ms
35ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 276f6d51adcb28b24b4b9cf939ed6e09b7599397a806a78b699280256b5f83c0

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2724
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:27 GMT
etag: PRIVATE7520710249
expires: Mon, 13 Nov 2023 03:02:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 adfc3abd7f7505c84e4ee73f933be0d6.jsonp Show response
files.bidmatic.io/microplayer/configs/ 1 KB
2 KB 91ms
8ms Script
application/octet-stream 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://files.bidmatic.io/microplayer/configs/adfc3abd7f7505c84e4ee73f933be0d6.jsonp
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/integrator.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 5689e516ed10f452b02fa2e9064f81961c2eb78521d8353d02a6f1acb46dda2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Sat, 14 Oct 2023 04:02:27 GMT
date: Sat, 14 Oct 2023 03:02:27 GMT
last-modified: Thu, 07 Sep 2023 14:16:54 GMT
server: openresty
etag: "64f9db56-52e"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
content-disposition: inline; filename="adfc3abd7f7505c84e4ee73f933be0d6.jsonp"
accept-ranges: bytes
content-length: 1326
x-proxy-cache: HIT

GET
H2 200 fakty.ictv.ua.1438379.es6.js Show response
jsc.idealmedia.io/f/a/ 326 KB
101 KB 446ms
392ms Script
text/javascript 2606:4700::6813:9722
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.idealmedia.io/f/a/fakty.ictv.ua.1438379.es6.js

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/fakty.ictv.ua.1438379.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4818ea917355765ed93ec2cbf3c8d833117550d025e3c37cc4461f18c4b31d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: gzip
x-amz-version-id: CHQOtAOQjjUMx74y1KcM5G6GTCy10A_P
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: S5B38FMY8E1N1SC0
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 102516
x-amz-id-2: xV9ZTy94K2TJs2g5R2kwYNE5FwxP4SSvfWIVAGwhWNC9tOykcVxCTAQpFw0mr1YLIjia98JhVv3otonir2GADg==
last-modified: Wed, 11 Oct 2023 08:17:13 GMT
server: cloudflare
etag: "26fc57ac562091840ec65495d56ba98f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 815c956719d36946-FRA
expires: Sat, 14 Oct 2023 06:02:28 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 69ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2450348
x-cache: HIT, HIT
content-length: 29875
x-served-by: cache-lga21967-LGA, cache-fra-eddf8230119-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1697252548.725409,VS0,VE0
etag: W/"28feccc0-14e55"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13, 44916

GET
H2 200 embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 4 KB
2 KB 97ms
19ms Stylesheet
text/css 2.16.62.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/embed_v1.0.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.62.75 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-62-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 13fbadf2
date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a2-16-62-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 1201
x-tos-request-id: bbd1f40c5506f552640c5506-af54031
x-tos-response-time: Sat, 11 Mar 2023 10:16:38 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 20230314000519FBEAA85982DD249AAB1E
etag: CP6J0dbkkPsCEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2023566
access-control-allow-credentials: false
x-tt-trace-host: 01a590d3cc931e2cc6b2d92fa3b55d0c4e2fdf68f0910c86e8b88f661266b76e9ce7047b09a9fb36b47024a77ebb17944cf145b65fa6fd2b66b943480061438956b08bf54706f53fa8c80a5b37c5b80bad7be5926dd057936f150626b28ec2f1873e0ef6e561d9a3bd80e89dee5d54ecc006d422150a3cc00c021decde5b80c83d
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 embed_lib_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 15 KB
6 KB 53ms
20ms Script
application/javascript 2.16.62.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/embed_v1.0.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.62.75 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-62-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 13fbadf3
date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: 6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a2-16-62-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 5147
x-tos-request-id: c80d20e854be7ef640e854b-af5401d
x-tos-response-time: Mon, 13 Mar 2023 02:07:07 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 20230313084045A75655EE9C7B9D0E7B14
etag: CNX5z9bkkPsCEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=942272
access-control-allow-credentials: false
x-tt-trace-host: 01d1a77e5e337d3b0789d42ad28693fcdc1029654597455514615af2f841cc4980641c57606ca4ac78ba9a56bee9af72e0e2ae668b01b2bee6d2ae727012370200bced85b221bc1fc855c85b15ecd2d0ff9e7ef0df6adde90e6a57c4f572edc344db40e20cd134baf7e708915c842bf083b3a82f00833a38b37901df7061f6446a
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 144ms
67ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://get.aidrestore.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/10885073154/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget...
https://www.google.com/pagead/1p-conversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%...
https://www.google.de/pagead/1p-conversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2...

42 B
154 B

81ms
45ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&label=-6YeCPaJrrMDEIKStMYo&hn=www.googleadservices.com&frm=0&tiba=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20&value=0&auid=1754772136.1697252547&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5XanFRWVEyT0wtdUxuaWxKdWlBUkltQUJWM2dUdkoydFY3bXFRZlRWc3V0Z1JIY01BTlBPanBGbk5Cck9jdDdtUG9FMng4OWJ3GlhDaEFJOE5XanFRWVFpbzZxdFpxbXNvY29FaTRBY2Y0M0ZLbERkQzhFWmxMM3ZaWk9HNXFOeUMxR3JKT2xadDQ3MEdUUlpoaFBMeDBSSm4wdGNBbFpJaVZlIhMIxIDHucb0gQMVhcm7CB3p-QER&is_vtc=1&ocp_id=wwQqZYSTJYWT7_UP6fOHiAE&eitems=ChAI8NWjqQYQ6uSvg5OO0-58Eh0AG0dcVmUlM16Qg4dgtrjwY2hJprczV4zAvJDs4A&random=363857356&ipr=y

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10885073154/?random=942299033&cv=11&fst=1697252546766&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&label=-6YeCPaJrrMDEIKStMYo&hn=www.googleadservices.com&frm=0&tiba=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20&value=0&auid=1754772136.1697252547&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE5XanFRWVEyT0wtdUxuaWxKdWlBUkltQUJWM2dUdkoydFY3bXFRZlRWc3V0Z1JIY01BTlBPanBGbk5Cck9jdDdtUG9FMng4OWJ3GlhDaEFJOE5XanFRWVFpbzZxdFpxbXNvY29FaTRBY2Y0M0ZLbERkQzhFWmxMM3ZaWk9HNXFOeUMxR3JKT2xadDQ3MEdUUlpoaFBMeDBSSm4wdGNBbFpJaVZlIhMIxIDHucb0gQMVhcm7CB3p-QER&is_vtc=1&ocp_id=wwQqZYSTJYWT7_UP6fOHiAE&eitems=ChAI8NWjqQYQ6uSvg5OO0-58Eh0AG0dcVmUlM16Qg4dgtrjwY2hJprczV4zAvJDs4A&random=363857356&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script.js Show response
cdnstat.net/get/ 129 B
702 B 78ms
42ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstat.net/get/script.js?referrer=https://get.aidrestore.com/w1/index.html
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://get.aidrestore.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz2IjrrcxBwuVf7diDKJtr62KU8HuykOTW54a%2BTEkfpuNXxlkiv8g1VELkiaVRC%2B2BA9STxLON%2F9f1fxHro%2B3NtriZx%2B8ouxW%2FE1hTgMMrQC8oO%2FzolSrnUCzoDpZg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 815c9567fb535c56-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1697252547898/
Redirect Chain

https://gaua.hit.gemius.pl/_1697252547898/rexdot.js?l=100&sendf=24&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fget....
https://gaua.hit.gemius.pl/__/_1697252547898/rexdot.js?l=100&sendf=24&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fg...

169 B
475 B

34ms
33ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1697252547898/rexdot.js?l=100&sendf=24&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dnnXNwU7XDfAhYMWW95j41Se01wbgfZEJzj1tnwb1Mb.n7bODdqmIaKlVBPcFTej_V_7OVnOSLS06mAbux6HdbMFEioQ/oudP2RUJBNuLK/&fpdata=A9WMkTe34gQzDpb9E.CWCcySafd8yjC5.FOAYhTEnqz.N7&ltime=796&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=652a04c2276cb414&brts=1697252547&fpcap=
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: ef7e81de40cfacd52d4f50a4b106812f54199b6863c0f38d23d30beaa13ece77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Fri, 13 Oct 2023 03:02:28 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:27 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1697252547898/rexdot.js?l=100&sendf=24&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dnnXNwU7XDfAhYMWW95j41Se01wbgfZEJzj1tnwb1Mb.n7bODdqmIaKlVBPcFTej_V_7OVnOSLS06mAbux6HdbMFEioQ/oudP2RUJBNuLK/&fpdata=A9WMkTe34gQzDpb9E.CWCcySafd8yjC5.FOAYhTEnqz.N7&ltime=796&fr=1&ref=&inner=_ver%3D344%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=652a04c2276cb414&brts=1697252547&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 13 Oct 2023 03:02:27 GMT

GET
H2 200 integration.css
player.bidmatic.io/microplayer/v2/ 34 KB
6 KB 56ms
7ms Stylesheet
text/css 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/microplayer/v2/integration.css
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/integrator.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ba77d701b3b7bf79c34f1b48230081f7e2bfac2981f66e897fb5d93f65a711b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 18:18:51 GMT
server: nginx
etag: W/"651efe0b-8618"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=172800
expires: Mon, 16 Oct 2023 03:02:27 GMT

GET
H2 200 plyr.polyfilled.min.js Show response
player.bidmatic.io/microplayer/v2/ 130 KB
37 KB 66ms
19ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?471460
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/integrator.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b214dc82c962420f9799acf1593704684728591457a7aa6e5c66d90e5ad99ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:27 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 12:27:44 GMT
server: nginx
etag: W/"629f4440-20688"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Mon, 16 Oct 2023 03:02:27 GMT

GET
H2 200 7285969595880475910 Show response
www.tiktok.com/embed/v2/ Frame 33C3 108 KB
20 KB 304ms
240ms Document
text/html 2.16.238.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Requested by: Host: lf16-tiktok-web.ttwstatic.com
URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-9.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 3b8d5b8fbc1d13a05f2a9e393e66a77fdb69f0418a6c0c7802541b8ce06a8a1a

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 03:02:28 GMT
expires: Sat, 14 Oct 2023 03:02:28 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=141 inner; dur=135
x-akamai-request-id: 865949f.c2650e4
x-cache: TCP_MISS from a2-16-239-9.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-cache-remote: TCP_MISS from a23-32-17-7.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-origin-response-time: 141,23.32.17.7
x-parent-response-time: 228,2.16.239.9
x-pumbaa-web-avail: 1
x-tt-logid: 2023101403022738DDD632AD406F1A6EC1
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c7641199da990ec2beb9ccde26a5c6882247c3b82e4721b763e7cfcf1941f2e3ec7f957009b2b74f2d93b059ca462b47f5de40c2ef4caa11faa0ae2736e77ac3fde2bb15ddb3988538d2c355d67a61c62
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 52ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-57RZ078QNH&gtm=45je3ab0&_p=478695864&_gaz=1&cid=1932489114.1697252548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697252547&sct=1&seg=0&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&en=page_view&_fv=1&_nsi=1&_ss=1&ep.article_date=2023-10-13
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57RZ078QNH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 72ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57RZ078QNH&cid=1932489114.1697252548&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57RZ078QNH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 62ms
25ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57RZ078QNH&cid=1932489114.1697252548&gtm=45je3ab0&aip=1&z=1419240822

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279944/ 2 KB
1 KB 34ms
8ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279944/config.json?cb=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_266844_811.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d29c7fb7752595a7345a95774182e54d31d1002ee13169be7af77f9b9c52314a

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 15 Oct 2023 03:02:28 GMT
date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 12:03:49 GMT
server: nginx
etag: W/"65293225-8f2"
content-type: application/json
access-control-allow-origin: https://get.aidrestore.com
cache-control: max-age=86400
x-proxy-cache: HIT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 54ms
9ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 02:29:57 GMT
content-encoding: gzip
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 19:43:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1951
x-amz-server-side-encryption: AES256
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: pIwEaMUc_gANBBoeSkQhiMBdwpAPhmdjbgDgN3Wijx1sf44abNjiUg==

GET
H3 404 29 Show response
get.aidrestore.com/publisher/fusion/lucid/data/ 2 KB
1017 B 38ms
38ms XHR
text/html 2a02:4780:9:1024:0:1d4a:9c7f:4
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://get.aidrestore.com/publisher/fusion/lucid/data/29?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:9:1024:0:1d4a:9c7f:4 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://get.aidrestore.com/w1/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 03 Oct 2023 16:58:16 GMT
server: LiteSpeed
etag: "999-651c4828-23ed0387ef6ff307;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 127ms
66ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://get.aidrestore.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 157 B
431 B 132ms
19ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7d8998f6ba1d244231957cd560b2e8294d631f5b9442460b75d1d2251bcbe110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:27 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 157

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
435 B 133ms
21ms XHR
image/gif 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=266844&site_id=811&pbjsv=v7.37.4&full_page_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&adid=pgcfjw.1g&features=81952&vpbv=N179&tte=1504&lifecycle_tte=2205
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:27 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
1 KB 58ms
57ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3655793237012901&correlator=4222186028696804&eid=44804939&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&trt=1&iu_parts=58302844%2CSLDS_Fakty_Interstitials&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697252548147&lmt=1697241440&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1932489114.1697252548&ga_sid=1697252548&ga_hid=478695864&ga_fc=true&dlt=1697252546572&idt=344&cust_params=fakty5061154%3D2493890c04ee69efa523303ddc784c46%26fakty%3Dsuspilstvo%26url%3D2493890c04ee69efa523303ddc784c46%26fakty_article%3Dlong&adks=3691027390&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

735aeb40df368e4e7476c6a0fbc6bb19e1bc3b57ae2ce6deb58e68c6968fcb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 671
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
55a57e9b44b0c73b88dfae876d3445f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71B9 6 KB
3 KB 140ms
22ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://55a57e9b44b0c73b88dfae876d3445f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:28 GMT
expires: Sun, 13 Oct 2024 03:02:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/ 38 KB
13 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc2b61cf28583354672e9ceb5b4c4d8e182e8e9e2003df6fa8723a1dc459fbd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 11:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55548
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13428
x-xss-protection: 0
server: cafe
etag: 7072425772309545193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Oct 2024 11:36:40 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 157 B
431 B 80ms
21ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7d8998f6ba1d244231957cd560b2e8294d631f5b9442460b75d1d2251bcbe110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:27 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 157

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
435 B 64ms
20ms XHR
image/gif 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=266844&site_id=811&pbjsv=v7.37.4&full_page_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&adid=pgcfnk.25&features=81952&vpbv=N179&tte=1582&lifecycle_tte=2283
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:27 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
BLOB 200
OK efbb12b6-2f8d-49ea-bde2-37d6df54fa23
https://get.aidrestore.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://get.aidrestore.com/efbb12b6-2f8d-49ea-bde2-37d6df54fa23
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 5565c029-a2ac-49e3-8e2d-3ed06add88ce
https://get.aidrestore.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://get.aidrestore.com/5565c029-a2ac-49e3-8e2d-3ed06add88ce
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 bdm.svg Show response
player.bidmatic.io/microplayer/v2/ 15 KB
6 KB 27ms
11ms XHR
image/svg+xml 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/microplayer/v2/bdm.svg
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?471460
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f274477a928cb073850e676de511dea27235c39219ccded0a5e9d341717bab0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 18:18:54 GMT
server: nginx
etag: W/"651efe0e-3d5e"
content-type: image/svg+xml
access-control-allow-origin: https://get.aidrestore.com
cache-control: max-age=172800
access-control-allow-credentials: true
expires: Mon, 16 Oct 2023 03:02:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 147ms
53ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b396d8a5787ac71f0a45383d1973e561aa7ce4622e704ec11f59c3cd8be89bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 03:02:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 03:02:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
124 KB 121ms
35ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?471460

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126235
x-xss-protection: 0
expires: Sat, 14 Oct 2023 03:02:28 GMT

GET
H2 200 bdm.svg Show response
player.bidmatic.io/microplayer/v2/ 15 KB
6 KB 18ms
15ms XHR
image/svg+xml 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/microplayer/v2/bdm.svg
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?471460
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f274477a928cb073850e676de511dea27235c39219ccded0a5e9d341717bab0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 18:18:54 GMT
server: nginx
etag: W/"651efe0e-3d5e"
content-type: image/svg+xml
access-control-allow-origin: https://get.aidrestore.com
cache-control: max-age=172800
access-control-allow-credentials: true
expires: Mon, 16 Oct 2023 03:02:28 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 45ms
30ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=478695864&t=pageview&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAQCAC~&jid=344267663&gjid=692237741&cid=1932489114.1697252548&tid=UA-126238864-1&_gid=1528576055.1697252548&_slc=1&gtm=45He3ab0n81KMS7G77&cd8=function(a)%7Btracker.set(%22dimension8%22%2Ctracker.get(%22clientId%22))%7D&z=619796074

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 30ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-126238864-1&cid=1932489114.1697252548&jid=344267663&gjid=692237741&_gid=1528576055.1697252548&_u=YCDAgAABAAQCAG~&z=819278362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Oct 2023 03:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 44ms
43ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=478695864&t=pageview&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAAEABAAQCAGAAI~&jid=149339479&gjid=1959227614&cid=1932489114.1697252548&tid=UA-126238864-2&_gid=1528576055.1697252548&_r=1&_slc=1&gtm=45He3ab0n81KMS7G77&z=348178589

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f5e7ba83ca1221101feed3ba5bd80960a68e576235091899ecbbd7918df577ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 39ms
37ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=478695864&t=event&ni=1&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20info&ea=undefined&_u=YCHAAEABAAQCAGAAI~&jid=1402021146&gjid=810528702&cid=1932489114.1697252548&tid=UA-126238864-1&_gid=1528576055.1697252548&_r=1&gtm=45He3ab0n81KMS7G77&z=1125131006

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
27ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=478695864&t=event&ni=1&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20time&ea=undefined&_u=YCHAAEABAAQCAGAAI~&jid=&gjid=&cid=1932489114.1697252548&tid=UA-126238864-1&_gid=1528576055.1697252548&gtm=45He3ab0n81KMS7G77&z=1977464150

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 08:16:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67568
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
27ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=478695864&t=event&ni=1&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20authors&ea=undefined&_u=YCHAAEABAAQCAGAAI~&jid=&gjid=&cid=1932489114.1697252548&tid=UA-126238864-1&_gid=1528576055.1697252548&gtm=45He3ab0n81KMS7G77&z=857596428

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 08:16:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67568
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 206 blank.mp4
cdn.plyr.io/static/ 2 KB
2 KB 89ms
30ms Media
video/mp4 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/static/blank.mp4
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98

Request headers

Referer: https://get.aidrestore.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15265678
etag: "08fc2557b6c938f1a251e59b016e90e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=filLYgssyYjjfXkRwNQBWe1ohSpcvmPNyuF1hWq2A7vA6sYxYPmG5HAYw%2BlpG8YVQaPYs5UT4EfwIhI3VxzDIbPdfxwntQu0B6mx6kO4Oju6VIM6RoWbRZlSwsO2aPiKe6kpbLK%2FxPsX"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-1776/1777
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 815c956f38299b80-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1777

GET
H2 206 dada366b63c78a6bf291cceb3e5f46ff.mp4
files.bidmatic.io/video-service/ 2 MB
0 14ms
14ms Media
video/mp4 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://files.bidmatic.io/video-service/dada366b63c78a6bf291cceb3e5f46ff.mp4
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: https://get.aidrestore.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 14 Oct 2023 04:02:28 GMT
date: Sat, 14 Oct 2023 03:02:28 GMT
last-modified: Thu, 07 Sep 2023 14:15:14 GMT
server: openresty
etag: "64f9daf2-1ec6a52"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-32270929/32270930
cache-control: max-age=3600
content-disposition: inline; filename="dada366b63c78a6bf291cceb3e5f46ff.mp4"
Content-Length: 32270930
x-proxy-cache: HIT

GET
H2 200 f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a Show response
config.aps.amazon-adsystem.com/configs/ 537 B
811 B 80ms
13ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5e4c349c87b338421cf6f805efb8cacda5b466b12d1678dae2dac913528b3572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 02:50:20 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 729
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: OkkIpscFaICGCOxu6fIW_Ebb1nDYx5oUaoanYLa3mi9Wj1SE6wmKSA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 108ms
106ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fget.aidrestore.com&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:28 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://get.aidrestore.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: cIzxr__FeLmXpil5bepQG-rBGDef3PRt5gICeVM_GbVhtSfkABErLA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 405ms
334ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&pid=8v14wGQZUYLmo&cb=0&ws=1600x1200&v=23.919.1525&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1676019381850-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_FakTy_Gorizont1_728x90%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 759KM49QPZCTWXBQV5DQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://get.aidrestore.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TT2qzkZajkgoP0U_KFxmvUAT0Ua6iWESnFn_pBBsG9smjrf9A0CFjQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 683ms
418ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:30 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2RKkop49cv4PQFOFM8X4FGH9xgNt9Hi7znLjXVtB9U9XRz779xb5rg==

GET
H/1.1 200
OK vr Show response
ghb.adtelligent.com/ 48 B
321 B 28ms
25ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/vr?bids=18960
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:28 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 48

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 174ms
129ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&pid=8v14wGQZUYLmo&cb=1&ws=1600x1200&v=23.919.1525&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1472565425637-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_FakTy_Premium1_300x250%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1676020058675-0%22%2C%22s%22%3A%5B%221366x90%22%2C%221280x90%22%2C%221200x90%22%2C%221080x90%22%2C%221024x90%22%2C%221000x90%22%2C%22980x90%22%2C%22970x90%22%2C%22960x90%22%2C%22950x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Fakty_Catfish%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 5HQ24JP2DRDFRR4RYXVT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://get.aidrestore.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: d3JiGKcW4sgEr10kYxu7MKLmdmLVjsUU8HlxbazAqOkPIuo72vlKnw==

GET
H2 200 index.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/ Frame 33C3 61 KB
17 KB 119ms
53ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9afabf4a36224312d137fd3a3e1b0131935b4ea0cac1efe0bd3fe1c73ac1c2f

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce5e4
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 72yk2QILFrNd97QSogvZbQ==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 16692
last-modified: Wed, 27 Sep 2023 06:58:50 GMT
opc-request-id: iad-1:i-8LNzdu6J5VplggENdKYx8E8Fpq1uwWUB_rQY6SeHcDLhMP2KBCLHdnkTcBS6Be
x-api-id: native
etag: bcaf8a92-375f-45dd-af80-a81152f90233
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: f7bd8f03-e0fb-4518-adcf-6501d7e475ce
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 webmssdk.js Show response
sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/ Frame 33C3 619 KB
185 KB 104ms
12ms Script
application/javascript 2.16.238.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-148.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 3f1fd800
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z6lb4ggvjhvby2nY7JSVRA==
x-cache: TCP_MEM_HIT from a2-16-237-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,23.192.44.214
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=210
content-length: 188901
x-tos-request-id: ea484068ccaa9a3e6368ccaa-abf3427
x-tos-response-time: Mon, 07 Nov 2022 09:15:22 GMT
last-modified: Mon, 07 Nov 2022 03:53:53 GMT
server: nginx
etag: "CLn13/mVm/sCEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1580482
x-origin-response-time: 223,23.192.44.230
access-control-allow-credentials: false
x-tt-trace-host: 011785d5f7af4a77e70353a0133ed909f20b10df25d40b451d7edab5fd25af910546bb1c7a28716e084aa1df3cc437c0130e9cc8468308b73200769dffa3aab5436de8e65ca025bfeb1ea64dbf668061e2bd73e97124ff0244e31b5c6871b8e1c1712f87b3ece92e19c759d7bbb2cad911
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tiktok-embed.module.0beb9a8cc31ba28fc6d9.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 33C3 2 MB
565 KB 81ms
15ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.0beb9a8cc31ba28fc6d9.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f53f372f689059afb73db548dec6c019104427f7796e7c352b394a5c1666dc22

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce5dc
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: hDpSiXnffjiXM0FZLTU2WA==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 577422
last-modified: Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id: iad-1:ZP9jJzHhrSgywAxSr5VRN7Cdds5egQd0ybIleW4_0I3M4J1NL0LCEWKmiyFfRfrX
x-api-id: native
etag: a911b2c7-ae37-4328-9798-4b56053b580b
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: c8045553-63ca-4728-aeea-0311752d1f89
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 vendors~home.module.e801207375152283d9f9.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 33C3 154 KB
42 KB 106ms
41ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/vendors~home.module.e801207375152283d9f9.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 82140abb49d323ef675484f9ab07527f7ec42f1abba9710fdeed2cf036891956

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce5e2
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: mPg02YcXyGm8DwvmXkmtkw==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 41749
last-modified: Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id: iad-1:F6kY-99dSPWd5x8o4kKdk5YB5a8jdyGxTt9HBDrw4d2bzbUYjJaWb7BNuFkDzgyx
x-api-id: native
etag: 45585525-0814-4ac6-9426-e32c9207af1f
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 8d332dbe-8f86-4bf7-af85-dac0471399b0
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 home.module.6fe9d52b239d003fa3a7.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 33C3 119 KB
31 KB 108ms
43ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/home.module.6fe9d52b239d003fa3a7.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7941202bc792f9125d713040a0c460c06fc48eda478112850490c19048978237

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce5e3
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: tx1MjiEn15PNGQpdKRx8IA==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 30601
last-modified: Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id: iad-1:X3FFXOICcifmsHV99YHdYOiCQz62UFLQcY1jg_ghsNDJhv0dsh2MBudG86xkd1YE
x-api-id: native
etag: f8f7d8b0-3735-449a-bb06-9ac3d990e024
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 7629e64b-91c5-42bd-b8e1-ce6ab80da7be
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 o8cVZZMCIInAskEtIoECn1zyIETfhgznAobq9j
p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame 33C3 153 KB
154 KB 114ms
20ms Image
image/jpeg 184.24.77.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/o8cVZZMCIInAskEtIoECn1zyIETfhgznAobq9j?x-expires=1697425200&x-signature=NCszBAmbG9MmRPsr%2FDmEmrEdZv4%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-28.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 5125c532a41778eccf863693f51dc85812af45d0bcf028c8b077cb678a96e550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: d639641.d6da4b0
date: Sat, 14 Oct 2023 03:02:29 GMT
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 2023101307015289DE1D2726A4FF404D08zv8th21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a23-54-207-28.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 2,23.54.207.28
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=MISS, edge; dur=4, origin; dur=0, inner; dur=58
x-length: 156810
content-length: 156810
last-modified: Fri, 13 Oct 2023 07:01:53 GMT
server: TLB
x-tt-logid: 2023101307015289DE1D2726A4FF404D08
x-response-date: Fri, 13 Oct 2023 07:01:53 GMT
x-cache-remote: TCP_HIT from a23-54-207-7.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-10-13T07:01:53.509348439Z 53
x-request-ip: fdbd:dc61:c:149::25
cache-control: max-age=31464049
x-tt-trace-host: 010c57e75beb33381949d90b312373949a952641d8c807a6d10c29d645465970a4890c02c9ca2c7512f2642b38fb1e9791f1107c5fe992d28bc9ece2e59f7bbb62556205a8712041eb5a3c12b2a70946eb8a4f8ba506fd02d9129c4f6bd968a3639bd1ad2631264fbef7a68708449dbcd5
x-response-cinfo: fdbd:dc61:c:149::25
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 147ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.aidrestore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 07:33:53 GMT
x-content-type-options: nosniff
age: 588516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 07:33:53 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 954 B
847 B 31ms
31ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=378201&aid2=443025&aid3=467848&aid4=587777
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 34260d62205054960d6ece5faf62f1f2dab3312fc1d80edd6fffa76d8949098e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:28 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 534

GET
H2 200 browser.maliva.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/ Frame 33C3 48 KB
18 KB 91ms
8ms Script
application/javascript 2.21.20.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-216.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 0d1bbddcc8c3e9a620da765ca70c17199e87ed9e46be40d2e9aeda1f42c3796b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 600e0eb7
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: m53Q8mhUaj4+iImwuMVuww==
x-tt-trace-id: 00-68ea603f1064f5a12196d34606f804d1-68ea603f1064f5a1-01
x-cache: TCP_MEM_HIT from a23-206-213-88.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=94
content-length: 17755
x-tos-request-id: 71f43bf80ad9a1de64f80ad9-a362d18
x-tos-response-time: Wed, 06 Sep 2023 05:15:05 GMT
last-modified: Thu, 31 Aug 2023 08:28:11 GMT
server: TLB
x-tt-logid: 202309060515040258DB6231F4384EE48A
etag: W/"9b9dd0f268546a3e3e8889b0b8c56ec3"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-credentials: false
x-tt-trace-host: 0101bd995126b39e6b58551ab541eec96d8a74067e1d0718b3737b6e7848539d7ba1bedb53a6417e037ebd26a22d884cb343362b6478b29be15e53f7c98c2eb8e4bc859f26ccdc1f974669fb23c6dcb4c19582f783e458369b13fac14b6f161aa6a3e7f42ab2ab6f0c1974de9aee269f8ae2faf480e84336da7104c32c4c932bf0
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 14 Oct 2023 03:07:29 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 954 B
789 B 37ms
33ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=378201&aid2=443025&aid3=467848&aid4=587777
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/Kqn1V/hbw_master_266844_811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: b528d86a58ebfafb02b2243357d9d379d4377b06b38fa70ebfd37d699d61c928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:28 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 476

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 49ms
43ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XWZZ6T1NQW&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01a8aa0fca750ca898766fddf3439d468cf0f1442f73fa6c9de1ae8460796816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82238
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 03:02:29 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 31ms
28ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-126238864-1&cid=1932489114.1697252548&jid=1402021146&gjid=810528702&_gid=1528576055.1697252548&_u=YCHAAEABAAQCAGAAI~&z=1753704982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.aidrestore.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Oct 2023 03:02:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 563ms
99ms Image
text/html 23.20.186.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.186.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-186-144.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 404 getuid
bid.adsinteractive.com/ 0
0 172ms
51ms Image
text/plain 157.245.23.44
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bid.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.245.23.44 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=12b7c219-3fca-48ad-a1e2-9610e239dd69

43 B
473 B

106ms
106ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=12b7c219-3fca-48ad-a1e2-9610e239dd69
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: 5c68ccd97b028698
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=12b7c219-3fca-48ad-a1e2-9610e239dd69
date: Sat, 14 Oct 2023 03:02:29 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 120ms
38ms Image
text/plain 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Oct 2023 03:02:29 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=5c68ccd97b028698

35 B
349 B

61ms
19ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=5c68ccd97b028698
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=5c68ccd97b028698
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: 5c68ccd97b028698
Content-Length: 0

GET
H2 200 core.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/ Frame 33C3 71 KB
23 KB 18ms
17ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/core.js?globalName=__PNS_RUNTIME__
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 226097c62636778bbb3c6432474c9cc7aa391fb57d7daac19b72b01cdd2b6ecf

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce6ef
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: bn6EK1siDXAlsnTidPqXkw==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 22448
last-modified: Wed, 27 Sep 2023 06:58:50 GMT
opc-request-id: iad-1:kiNNIQ6rTQFzxJRMwB0gB7q2O10EY-wuATpQOLHzsb6srjB2CxklpDtQiUVDmy4J
x-api-id: native
etag: 5c7a85d2-8b5e-469c-a830-12c0b64e269d
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: b7d1cd33-e4ad-40c4-9f37-94349a3d761f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
x-origin-response-time: 651,96.7.219.147
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 bridge3.595.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 60D2 726 KB
233 KB 28ms
26ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 371606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 238136
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 19:49:03 GMT
expires: Tue, 08 Oct 2024 19:49:03 GMT
last-modified: Mon, 09 Oct 2023 19:46:17 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 123ms
43ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 03:02:29 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A2AA 40 KB
14 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 02:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 14 Oct 2023 03:12:40 GMT

GET
H/1.1 200
OK player Show response
aux-log.adtelligent.com/svp/ 43 B
286 B 466ms
86ms XHR
image/gif 67.220.182.50
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log.adtelligent.com/svp/player?type=8&content_id=459050&aid=806472&client_id=680638&playlist_id=14091&width=632&height=356&tte=1737&player_version=1.6.1
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?471460
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://get.aidrestore.com
Date: Sat, 14 Oct 2023 03:02:29 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK player Show response
aux-log.adtelligent.com/svp/ 43 B
286 B 552ms
88ms XHR
image/gif 67.220.182.50
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log.adtelligent.com/svp/player?type=1&content_id=459050&aid=806472&client_id=680638&playlist_id=14091&width=632&height=356&tte=1740&player_version=1.6.1
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?471460
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://get.aidrestore.com
Date: Sat, 14 Oct 2023 03:02:29 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK player Show response
aux-log.adtelligent.com/svp/ 43 B
286 B 531ms
93ms XHR
image/gif 67.220.182.50
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log.adtelligent.com/svp/player?type=2&content_id=459050&aid=806472&client_id=680638&playlist_id=14091&width=632&height=356&tte=1851&player_version=1.6.1
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?471460
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://get.aidrestore.com
Date: Sat, 14 Oct 2023 03:02:29 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 36ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XWZZ6T1NQW&gtm=45je3ab0&_p=478695864&ul=en-us&sr=1600x1200&cid=1932489114.1697252548&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&ngs=1&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sid=1697252549&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XWZZ6T1NQW&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/357d366a17427e7f9095d0eb06c719eb/652a592a/video/tos/useast2a/tos-useast2a-ve-0068c004/o0nDnE6zcIyATsZ9nFh4AfjCIgsznoqk1ItQVZ/ Frame 33C3 251 KB
252 KB 148ms
8ms Media
video/mp4 146.75.118.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/357d366a17427e7f9095d0eb06c719eb/652a592a/video/tos/useast2a/tos-useast2a-ve-0068c004/o0nDnE6zcIyATsZ9nFh4AfjCIgsznoqk1ItQVZ/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=576&bt=288&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=ApKJEBeUq8ZmodGc.Q_vj5HrfAhLrus&mime_type=video_mp4&qs=0&rc=Ojw8M2k2aGVoZzk7OjdnZ0BpanNvczs6ZnNpbjMzNzczM0BjXi0wLWJfXy4xY18vXzUuYSM2XnJncjRvXmJgLS1kMTZzcw%3D%3D&l=2023101403022738DDD632AD406F1A6EC1&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2eada3ce12521827f8b5f3ec2b1091f5d90d1839f3c1da4552e93775d416c9ba

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

Expires: Sun, 07 Apr 2024 11:46:59 GMT
Date: Sat, 14 Oct 2023 03:02:29 GMT
Via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 314130
X-Cache: MISS, HIT
Content-Range: bytes 0-256627/256628
Connection: keep-alive
server-timing: inner; dur=89, cdn-cache;desc=hit, edge;dur=1
Content-Length: 256628
X-Served-By: cache-iad-kjyo7100032-IAD, cache-fra-eddf8230032-FRA
X-Storagegw-Request-Id: 20231010114658241466A6D3AE26BBBD34
Last-Modified: Wed, 04 Oct 2023 05:23:18 GMT
X-TT-LOGID: 20231010114658241466A6D3AE26BBBD34
X-Timer: S1697252550.625008,VS0,VE1
Etag: "e89266c7d5558d07f072d14564232ac0"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Tue, 10 Oct 2023 11:46:59 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01b24b2cb2a581008aebf7a1a6383607d319ae4bd294f459118e5c52d35d5d5d64a34ca39f89f89c7427ce8cef7a48a020c8e4425b9e7f67286202416000d9e2ca644070d09d18ee9cce45baad6b3ef4808faaee9efeb6378a60ac5fbcec474bb951fd5ba83be505d74fa73e1a3f98051c159048d7e5498152cadbb27879ff154c
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: c26f9ae872478555acd214d14e20e594
X-Cache-Hits: 0, 0

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/357d366a17427e7f9095d0eb06c719eb/652a592a/video/tos/useast2a/tos-useast2a-ve-0068c004/o0nDnE6zcIyATsZ9nFh4AfjCIgsznoqk1ItQVZ/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=576&bt=288&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=ApKJEBeUq8ZmodGc.Q_vj5HrfAhLrus&mime_type=video_mp4&qs=0&rc=Ojw8M2k2aGVoZzk7OjdnZ0BpanNvczs6ZnNpbjMzNzczM0BjXi0wLWJfXy4xY18vXzUuYSM2XnJncjRvXmJgLS1kMTZzcw%3D%3D&l=2023101403022738DDD632AD406F1A6EC1&btag=e00088000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2eada3ce12521827f8b5f3ec2b1091f5d90d1839f3c1da4552e93775d416c9ba

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

Expires: Sun, 07 Apr 2024 11:46:59 GMT
Date: Sat, 14 Oct 2023 03:02:29 GMT
Via: 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 314130
X-Cache: MISS, HIT
Content-Range: bytes 0-256627/256628
Connection: keep-alive
server-timing: inner; dur=89, cdn-cache;desc=hit, edge;dur=1
Content-Length: 256628
X-Served-By: cache-iad-kjyo7100032-IAD, cache-fra-eddf8230088-FRA
X-Storagegw-Request-Id: 20231010114658241466A6D3AE26BBBD34
Last-Modified: Wed, 04 Oct 2023 05:23:18 GMT
X-TT-LOGID: 20231010114658241466A6D3AE26BBBD34
X-Timer: S1697252550.625108,VS0,VE1
Etag: "e89266c7d5558d07f072d14564232ac0"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Tue, 10 Oct 2023 11:46:59 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01b24b2cb2a581008aebf7a1a6383607d319ae4bd294f459118e5c52d35d5d5d64a34ca39f89f89c7427ce8cef7a48a020c8e4425b9e7f67286202416000d9e2ca644070d09d18ee9cce45baad6b3ef4808faaee9efeb6378a60ac5fbcec474bb951fd5ba83be505d74fa73e1a3f98051c159048d7e5498152cadbb27879ff154c
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: c26f9ae872478555acd214d14e20e594
X-Cache-Hits: 0, 0

GET
H2 200 /
c.idealmedia.io/pv/ 43 B
138 B 39ms
31ms Image
image/gif 2606:4700::6813:9722
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.idealmedia.io/pv/?lu=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&cbuster=1697252549486583630600&pvid=18b2c22a36dae978c1f&implVersion=11&cxurl=https%3A%2F%2Ffakty.com.ua%2Fua%2Fukraine%2Fsuspilstvo%2F20231013-dopomoga-ukrayinczyam-yaki-zalyshylysya-v-ukrayini-chy-vyplachuyetsya-ta-yak-vidriznyty-vid-shahrajstva%2F&site=465430&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 815c9572583f6946-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 392 B
175 B 159ms
158ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3655793237012901&correlator=4307919109590544&eid=44804939&output=ldjh&gdfp_req=1&vrg=202310110101&ptt=17&impl=fifs&trt=1&iu_parts=58302844%2CSLDS_FakTy_Gorizont1_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&abxe=1&dt=1697252549506&lmt=1697241440&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&vis=1&psz=1328x5946&msz=0x0&fws=128&ohw=0&psts=AOrYGsnnrR2yiz03RbW6UQFKQn2Kajtsjvqo9qBJtQamJPWr&ga_vid=1932489114.1697252548&ga_sid=1697252548&ga_hid=478695864&ga_fc=true&dlt=1697252546572&idt=344&prev_scp=amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&cust_params=fakty5061154%3D2493890c04ee69efa523303ddc784c46%26fakty%3Dsuspilstvo%26url%3D2493890c04ee69efa523303ddc784c46%26fakty_article%3Dlong&adks=2601916407&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49757859a79c25a49934f727085e702048990a46173a21a76cd0bcbdcecf72b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK webid
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 0
0 212ms
104ms Preflight 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: TLB
Server-Timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=4 inner; dur=1
X-Origin-Response-Time: 4,23.48.249.168
X-Parent-Response-Time: 89,2.17.22.20
X-Tt-Logid: 20231014030228923A0947D8A1FFCCFE05
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c0b3af6ac3e93755be875674fdd448240b956424884a5fd8b6cf3a01aadf62794cb4d3b1c41c8bde919f6392b409aee1e2fab27702d7865eab2334fc3864fcc13d66340c13e1aaf84abcf8fcf188ad710b0b80ef736155fc6c6b7eec211986649
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK webid Show response
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 33C3 58 B
962 B 111ms
111ms XHR
application/json 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 9e37790c25ccfead1b161fdc61be45f9d8f5954ffb428d8ba66d434d86db15d8

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 14 Oct 2023 03:02:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 96,2.17.22.20
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=11, inner; dur=9
Content-Length: 58
Server: TLB
X-Tt-Logid: 202310140302289FA65AE021CE4DCE8FD2
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 11,23.218.222.7
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c0b3af6ac3e93755be875674fdd448240d1199cfe00adf469eaa03f723cdb0bf345446bdc96f4f38938c01b634ca1ecf31f61d217ba6aa81043a830607a9f081412cd6ea765f7858a0cc8b87a8ec6b98c7adfcfaf9f5f6fddeaa1d55ace62ccda

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 258ms
104ms Preflight
application/json 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
cache-control: public, max-age=600
content-encoding: gzip
content-length: 386
content-type: application/json; charset=utf-8
date: Sat, 14 Oct 2023 03:02:29 GMT
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=80, origin; dur=11 inner; dur=1
upstream-caught: 1697252549906726
vary: Origin, Accept-Encoding
x-akamai-request-id: 4d464d90.ff1f3c8
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-cache-remote: TCP_MISS from a23-43-56-109.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-origin-response-time: 11,23.43.56.109
x-parent-response-time: 91,88.221.110.119
x-tt-logid: 20231014030228F2F48690357BC6117355
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2cd0d71b613abbe762663f2706c3794a937fac08d75e376e9b24ab5693c62d7dc281f003b1857e1db187495f8129bdb84bf9353cf32e08316700c203f6f05bf613ba000f464cb0657663c0735dd829daf8
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame 33C3 1 KB
1 KB 143ms
107ms XHR
application/json 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: a86c3552c9a2a6744d4f086449a0edb001e9189dc70c2b37d849f6473ddbf725

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

x-akamai-request-id: 6aa62d7.ff1f458
date: Sat, 14 Oct 2023 03:02:30 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: gzip
upstream-caught: 1697252550046786
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 91,88.221.110.119
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=10, inner; dur=1
content-length: 388
server: TLB
x-tt-logid: 2023101403022990CE257C5843640DC0AE
x-cache-remote: TCP_MISS from a23-43-56-94.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-origin-response-time: 10,23.43.56.94
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2c1f7f63e08b113497576a01bd22efca41c5b5a28e48d8a5e99aca7a381bc065b8439e573707e932b40a2974e8f86254163279baed947ed53b7962eef6fc6af5b3740a5c5583021a1777114d55940ca4bd
access-control-allow-headers: Content-Type

GET
H2 200 devtools.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/ Frame 33C3 4 KB
3 KB 8ms
7ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/devtools.js?globalName=__PNS_RUNTIME__&__PNS_SW_CACHE__=1&__PNS_SW_CACHE_KEY__=to-json-schema
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/core.js?globalName=__PNS_RUNTIME__
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce85b
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: SBOqY3b5/4rueltCkuSr0w==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 1706
last-modified: Wed, 27 Sep 2023 06:58:50 GMT
opc-request-id: iad-1:7N1KGxv88TM0yTWOsNboEMujNWZTZGbiJZez4kz8mfjeOyjRdtBrLJyUXdscgST5
x-api-id: native
etag: e3f08358-a183-4418-af3a-5f2c7ceddb9d
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 28eaf37c-7c67-4339-bd6e-caf2af0437b8
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
x-origin-response-time: 806,23.48.148.146
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ Frame 60D2 23 KB
2 KB 125ms
21ms XHR
text/xml 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?sv_content_id=459050&site_full_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&width=400&height=250&aid=806472&top_domain=get.aidrestore.com&multi-ads=1&rawg=1&pods=10&minbitrate=240&maxbitrate=720
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8492b4530a342b62ac26ceecd894cbee838d6f8140f2645b15aa75905bcdbb33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:29 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1663

GET
H2 200 img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 33C3 2 KB
2 KB 43ms
8ms Image
image/svg+xml 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6820dc5a852a390b26eaa791f6f9f9b976fa0ba6c17412089b25946d7d9de99c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce8c7
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: blePM8lPs3jjHrZ2xR1qwg==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 1134
last-modified: Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id: iad-1:OkFadwiLSx8SXNiGD19HO2HNttPTLkp2Z7l_tGUJTzawZpMvCCu5wjPj-TGjvA4A
x-api-id: native
etag: 299cdf2c-877d-4702-ac5d-b7bd406378d7
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/svg+xml
version-id: 066cbc3a-471e-472c-9981-5d542c380e7e
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 5b8cd465937213dc99ff8c5a4bf76d14~c5_100x100.jpeg
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ Frame 33C3 3 KB
4 KB 21ms
11ms Image
image/jpeg 184.24.77.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/5b8cd465937213dc99ff8c5a4bf76d14~c5_100x100.jpeg?x-expires=1697425200&x-signature=RMX41pIhgM76BpPh1pUckGhpVjg%3D
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-28.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: b4065e452222f471b3c4af12dc6e58e7782cfbff0f639b1a4bf1d2ac23525f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 1a85be23.d6da727
date: Sat, 14 Oct 2023 03:02:29 GMT
x-crop-loc: (228,0)-(878,650)
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20231009103630D1BBB017ED90AA37DE562rtmm21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a23-54-207-28.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 2,23.54.207.28
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498632
server-timing: cdn-cache; desc=MISS, edge; dur=2, origin; dur=0, inner; dur=1
x-length: 2651
content-length: 2651
last-modified: Mon, 09 Oct 2023 10:36:31 GMT
server: TLB
x-tt-logid: 20231009103630D1BBB017ED90AA37DE56
x-response-date: Mon, 09 Oct 2023 10:36:31 GMT
x-cache-remote: TCP_HIT from a23-54-207-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-imagex-extra: {"algo.succ":"crop","enc":{"h":100,"nq":75,"q":75,"w":100}}
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-10-09T10:36:31.431143352Z 51
x-request-ip: fdbd:dc61:3:301::67
cache-control: max-age=31131263
x-response-cinfo: fdbd:dc61:3:301::67
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 011fecf332a716c1ee936148b917a91af68126a99218585ee506d9526cb4a372895734650a6a1957fa1fbd4ff8d329cee8fc8351c09f252dae2b135519c093a1afaa204b8b4796353f8b31a0d01a04e30c4981d812707fc1b978218998c0fbe72f

GET
H2 200 img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 33C3 1 KB
1 KB 47ms
12ms Image
image/svg+xml 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5f5beabf59a0f4c1c28f05dd34047cd1f401f146b85eebbaa7ab8d971f075e64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce8cd
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 0TNfsTXegqCmuSPfLlFcBg==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 498
last-modified: Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id: iad-1:O7G5hHChrrvaDkh8OEBzZCwIFkFUQcLi3iohdcnZ-EWW4PDEPHJWJQS_Eb4wlf9Q
x-api-id: native
etag: 29e5fdb8-faba-4ee1-83a7-f910b0b62c32
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/svg+xml
version-id: f3a01793-76d3-4596-acc7-d07c02110ec6
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 33C3 647 B
1 KB 46ms
11ms Image
image/svg+xml 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d858782d53337cb280fd29487a8c25544984a1abc8619d4fc3535e4458101d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbce8ce
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JoR/w/DG+LZnwmiwwKK9Dw==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 368
last-modified: Thu, 20 Jul 2023 03:27:34 GMT
opc-request-id: iad-1:8YXQ-zk8DS86c5rpsktPhrrcWT2yrmyF7rirczUzLPlKawxnTCyqo-1mlR8fnIS3
x-api-id: native
etag: 7e87753c-51bb-494a-aa0e-0da963cffa0a
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/svg+xml
version-id: cfdef070-a431-4afc-8dcb-fb8d0c7783dc
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:29 GMT

GET
H2 200 TikTokFont-Regular.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 33C3 55 KB
56 KB 76ms
7ms Font
font/woff2 2.21.20.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1&v=2
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: b553682
date: Sat, 14 Oct 2023 03:02:29 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: /fJgDZBaD6oGDWkeAhLhpw==
x-tt-trace-id: 00-efba2aad10621c6e695282060134049c-efba2aad10621c6e-01
x-cache: TCP_MEM_HIT from a23-206-213-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 56492
x-tos-request-id: 53b6d455f238e56b6455f238-af54d2d
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 202305060622474964EA0A8AC54D873E28
etag: CNHJjeWN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2150391
access-control-allow-credentials: false
x-tt-trace-host: 0195ab2be86cb1aa0256ee90ce317852775f91267e206dd72036d3806fd91ea95920c8732f542ae80fa9dbed2b3e2e46b7565cde5052088852bd502786d532fc18e2663c764689dda1d6c83a8680a28de9ddd2c50054c462aee0fe3c3a83ce9a8b7c5335a6b52df74bcd0d53feda0a025d2b0a5802c12459015437cb87f439987e
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 TikTokFont-Semibold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 33C3 56 KB
57 KB 75ms
13ms Font
font/woff2 2.21.20.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1&v=2
Requested by: Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: b553683
date: Sat, 14 Oct 2023 03:02:29 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z9iG4cqEmn+OJgB2PyNteA==
x-tt-trace-id: 00-efba2a8d1060eab31e6c95c602d6049c-efba2a8d1060eab3-01
x-cache: TCP_MEM_HIT from a23-206-213-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 56968
x-tos-request-id: 1dc7db55f2377ad26455f237-af54405
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 2023050606224795819C54D0949B685230
etag: CJzWjeWN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=734414
access-control-allow-credentials: false
x-tt-trace-host: 013ab5c6e35edce4c8480d5404b045d49f2c5e087b395f46baaf2f7bb2d1d7d1b4ec59d6f105336bf47482acc401687df0657224363ceda31fb1b0e7367fc72feb699f38c0cacaa3984fbace91fc7ef4f0ca399a6d945d9ef6efd11bf8c33653fd1e3ca18d4999a6fb3660f04fd6bdd2709834a63ea333f017f5f9cad87236ca7c
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 72ms
40ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f39b8414c617d4b4cf01b8f7601075fa792741e64c536b899ed8343451abd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12141
x-xss-protection: 0

GET
H2 200 common-monitors.1.11.0.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/ Frame 33C3 20 KB
9 KB 39ms
10ms Script
application/javascript 2.21.20.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.11.0.js
Requested by: Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-216.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 4a661eca2ceef3564880a93b74708422f6c8c35e1b3d2aa33ee3698df6939780

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 600e0f52
date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: eDqon6I92HwwmcwZaZJLtA==
x-tt-trace-id: 00-4ab57eaa1064093abc7984c605d804d1-4ab57eaa1064093a-01
x-cache: TCP_MEM_HIT from a23-206-213-88.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=62
content-length: 7845
x-tos-request-id: 50e554f04f3af64164f04f3a-a3649a0
x-tos-response-time: Thu, 31 Aug 2023 08:28:42 GMT
last-modified: Thu, 31 Aug 2023 08:28:11 GMT
server: TLB
x-tt-logid: 2023083108284132F1BBEB8326AA1EDCC7
etag: W/"783aa89fa23dd87c3099cc1969924bb4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
x-origin-response-time: 123,23.193.177.34
access-control-allow-credentials: false
x-tt-trace-host: 0130b405ef762342a4f6edc1a2360a3d67f7289e0ca59dad15548c526e9523de3440dec1c24069277391a1c9df9eaa9a002e3368289cbae528060001c9fdfe0049d7c5564f1ff6a69bd8211932435cf17ebdb50bfe3f3b3db4f86ef8a9f27352b69424541d992a45c19fae7c6b4e746af07593c092db4596e7a3058414a936fd3b
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 14 Oct 2023 03:07:29 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=478695864&t=event&ni=1&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=%D0%93%D0%BB%D1%83%D0%B1%D0%B8%D0%BD%D0%B0%20%D0%BF%D1%80%D0%BE%D0%BA%D1%80%D1%83%D1%82%D0%BA%D0%B8&el=0%25&_u=aCHAAEABAAQCAGAAI~&jid=&gjid=&cid=1932489114.1697252548&tid=UA-126238864-1&_gid=1528576055.1697252548&gtm=45He3ab0n81KMS7G77&z=981260699

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 08:16:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67569
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 60D2 0
54 B 675ms
238ms Ping
image/gif 2a00:1450:4019:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnpgcgn8&c=2474829761964&slotId=1237414880982&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
97ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 03:02:29 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 46ms
45ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fmed&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=1697252549872&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td3_tt0_pd3_la3000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
143 B 208ms
207ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F58302844%2Fat_fakty_oct&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=1697252549877&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td3_tt0_pd3_la3000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 47ms
47ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua_mid&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=1697252549880&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td3_tt0_pd3_la3000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 43ms
42ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Flow&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=1697252549883&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td3_tt0_pd3_la3000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 56ms
53ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fhigh&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=1697252549885&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td3_tt0_pd3_la3000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 46ms
44ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22724712014%2C58302844%2Fca-video-pub-9857612698505806-tag%2FAdtelligent_C1_1x1v&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=1697252549888&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td3_tt0_pd3_la3000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 54ms
51ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=1697252549891&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td3_tt0_pd3_la3000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 60D2 0
54 B 610ms
244ms Ping
image/gif 2a00:1450:4019:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnpgcgyl&c=2474829761964&slotId=1237414880982&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

30ms
28ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: d9ac86df-51c0-49b1-aac3-743148181655
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
94 B

96ms
24ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: 8cb15680114c3c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

31ms
29ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: a5f501a4-cc96-475b-a49e-f9a6111ba915
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 60D2 0
234 B 594ms
234ms Ping
image/gif 2a00:1450:4019:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lnpgch0l&c=2474829761964&slotId=1237414880982&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

27ms
26ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: 9ded1ba9-e564-4c13-bd1b-6ddf91fdff92
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

93ms
22ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: 8cb15680114c3c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

31ms
29ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: defd6211-5b94-4849-85a1-6bd154f5ec55
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

46ms
31ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: 183464e2-a4a0-430d-ab33-a70b7092ff16
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

77ms
22ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: 8cb15680114c3c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

28ms
27ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: 876b96ea-087d-4a4c-8f6b-f192597b4c94
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

28ms
27ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: d011f24e-4bba-4ecb-925c-64b34c1820cf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

77ms
23ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

99ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: 8b84f201-5767-43d7-92cd-2fe564d50fa3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

77ms
24ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

74ms
30ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: dfb0d0b4-3a99-473e-a065-d31675e8a696
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

41ms
28ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: f20b8c8f-e526-464f-a95a-6b0d4b6a7dde
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

37ms
24ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: 7feed4a5-dfad-4787-8f5f-5aa158ded8bb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
245 B

74ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:29 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

37ms
24ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: c7fc062b-2c0f-414d-9d9f-b1a88fb22bdb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 33C3 553 B
2 KB 152ms
102ms XHR
application/json 2.16.1.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-35.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID: 742c3076.b419249
Date: Sat, 14 Oct 2023 03:02:30 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a2-16-1-31.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
X-Parent-Response-Time: 95,2.16.1.31
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=8, inner; dur=5
Content-Length: 316
Pragma: no-cache
Server: TLB
X-Tt-Logid: 20231014030229B0583D62E595FB2390B8
X-Cache-Remote: TCP_MISS from a23-220-105-204.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
X-Origin-Response-Time: 8,23.220.105.204
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139cca11aa78447a6b99c8bd1b99f1ce2906b54904b43340f3138fa9635cd46c9d72c50fc6ee77e56a307fb1803aa0212fbbc6cb46d8d64ab40a105ef0d89fe7a1747ac9aad03f950ff3322a8cd150d36e809a4b852d3bccb3b9f329b1cffc3a3db0
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Expires: Sat, 14 Oct 2023 03:02:30 GMT

OPTIONS
H/1.1 200
OK /
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 0
0 185ms
118ms Preflight
application/json 2.16.1.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-35.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 60
Content-Type: application/json; charset=utf-8
Date: Sat, 14 Oct 2023 03:02:30 GMT
Expires: Sat, 14 Oct 2023 03:02:30 GMT
Pragma: no-cache
Server: TLB
Server-Timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=7 inner; dur=2
X-Akamai-Request-ID: 12005ef7.b419236
X-Cache: TCP_MISS from a2-16-1-31.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
X-Cache-Remote: TCP_MISS from a104-96-220-47.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
X-Origin-Response-Time: 7,104.96.220.47
X-Parent-Response-Time: 101,2.16.1.31
X-Tt-Logid: 20231014030229E7C4C497365B1C0FBF97
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c71ba993098325c0d7e682e440cde4c8d385f6264b195f835b6d24ebffcd0537671ad0f52f26df42d41a2f5873db20d1c06ffa6ca9b0e9fe091a2ad79347140af48fc83b88a8bd3673a3654b1833d3d90752b63d2f47aaae89baaafaf3d33095d
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

104ms
16ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: b2a39bc1-2732-4325-8a1b-b9e16698e052
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

21ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

106ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
an-x-request-uuid: ed9ac38f-9479-4594-8d66-6a9ea3d7d69b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 206
Partial Content 8c083467-0efd-4fc7-b5bf-6ede16438c79
https://get.aidrestore.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://get.aidrestore.com/8c083467-0efd-4fc7-b5bf-6ede16438c79
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
DATA 200
OK truncated
/ Frame 33C3 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame 33C3 21 B
1011 B 215ms
208ms XHR
application/json 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 192,2.17.22.20
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=179, origin; dur=14, inner; dur=1
Content-Length: 21
Pragma: no-cache
Server: TLB
X-Tt-Logid: 202310140302295D1A5E5C7F51BFCC98A1
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 14,184.25.157.161
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c56feddd0b1fe7ee0d5d37cdc1ba8689d976100fbbfd62591e75b77fc857554ccfeb24bd5024201a610b7f572c461a65123b902a25c979008b7f15aad3d010af63a525179e4c9799fd0b2098f26ac231ac1e5ac987ed3cbfc6d0d3596aa4153b4
Expires: 0

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 111ms
111ms Preflight 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: TLB
Server-Timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=88
X-Origin-Response-Time: 88,2.17.22.20
X-Tt-Logid: 20231014030229CF561140DE0D69CC2654
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c7d5aed2069c0b0378acdbe3ce3ea3d73a4e8f9dc0fd9a8b95e2249322df633cca1c844117572ec704f6b6f53ffe7bc99c8c0c6e2ad00e5f947a449e36b0f81e27a4406d1a4cfba3388973732314b1d5b
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CF3 13 KB
5 KB 31ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 21:18:14 GMT
expires: Sat, 12 Oct 2024 21:18:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA81 829 B
982 B 42ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

247833fd800b77ae536ad12fca19bb3db247a0ac21592aaef6c68c39c106d299

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Dxz_QcJEYfMFv6_q7giiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5Dxz_QcJEYfMFv6_q7giiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:30 GMT
expires: Sat, 14 Oct 2023 03:02:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK resource Show response
mssdk-va.byteoversea.com/web/ Frame 33C3 223 B
2 KB 736ms
637ms XHR
application/json 23.36.162.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.byteoversea.com/web/resource?eq=3Ks8aUhrIu9sbD-6hb6VZn0As4eTmId4fTKVWG9tUoHP/lWgMoZnMSz0VsQwx3nOTjlRxoWFqUGD/zHJoBQmNC-V9Swok1l0
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-219.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 8db29e39860f19cafcdb7dc925c19de075abee842e86962b6eadd1f0fc7a63c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Akamai-Request-ID: 2fdc57a.3b7a4232
Date: Sat, 14 Oct 2023 03:02:31 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a23-206-213-219.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
X-Parent-Response-Time: 627,23.206.213.219
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=539, inner; dur=536
Content-Length: 230
X-Ms-Token: RNwIge6uiDsyqgr-ccRsC6G74g90JK90DoeP4C9CHvaBgrtzMFQzdIrsMWqHKW15KCAaS6IozHNTX153syagiDptS3K-fWMpAA438y-Al2k=
Pragma: no-cache
Server: TLB
X-Tt-Logid: 20231014030229C25D9607F47AF7EC3D6C
X-Cache-Remote: TCP_MISS from a23-36-66-20.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 540,23.36.66.20
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c279296281b3aaa01ede20c60d97d30456e739508d572b985bba8e762c3c87396778bdb8cf45966b165035b18ac45fe09489e43dce034f0030c1c9730fe21ddde4dbc7dbbdd54ebb8beadc24c1d0ff37917d18a8efc106066291d6c2a2e4ad2ca
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Sat, 14 Oct 2023 03:02:31 GMT

GET
H2 200 1 Show response
servicer.idealmedia.io/1438379/ 5 KB
2 KB 75ms
60ms Script
application/x-javascript 2606:4700::6813:9722
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.idealmedia.io/1438379/1?mp4=1&ap=1&w=1296&h=277&sz=300x219&szp=1,2,3,4&szl=1,2,3,4&cols=4&sessionId=652a04c6-06140&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&cbuster=1697252550557756216918&pvid=18b2c22a36dae978c1f&implVersion=11&cxurl=https%3A%2F%2Ffakty.com.ua%2Fua%2Fukraine%2Fsuspilstvo%2F20231013-dopomoga-ukrayinczyam-yaki-zalyshylysya-v-ukrayini-chy-vyplachuyetsya-ta-yak-vidriznyty-vid-shahrajstva%2F&scum=%3F0&scuw=%3F0&uniqId=0165b&childs=1438380,1438657,1438662&niet=4g&nisd=false&pv=5&lct=1696982400&jsv=es6&pageView=1&dpr=1&ref=&tfre=3919

Requested by

Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/f/a/fakty.ictv.ua.1438379.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b7da848f190d3140cc4c1731426b5e7fa1e731da6b275c80e8934d98c351fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 815c95791b956946-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA81 0
0 68ms
64ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310110101&jk=3655793237012901&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CF3 37 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 17:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Oct 2024 17:02:41 GMT

GET
H2 200 / Show response
www.tiktok.com/api/recommend/embed_videos/ Frame 33C3 40 KB
13 KB 1089ms
1088ms Fetch
application/json 2.16.238.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktok.com/api/recommend/embed_videos/?aid=1284&count=24&secUid=MS4wLjABAAAAykLKWt1v4jIr-hnated1-LZjti9SRReO0a92gUrF7vJn9wO7Oj2YG-AxF_4we_xs&lang=en-US&msToken=&X-Bogus=DFSzswSOAC0ANnp8tTaDO-Veovhj&_signature=_02B4Z6wo00001rtgI2AAAIDDNe3l1WWjR4a7YCfAAMv-d5
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-9.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 3e170063d878f769c0ab2fe073f6200f5100380e34e1cd98f67b42edf22a21e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/embed/v2/7285969595880475910?lang=en-US&referrer=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&embedFrom=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: c2656cd
date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
bd-tt-error-code: 0
tt_stable: 1
x-cache: TCP_MISS from a2-16-239-9.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
server-timing: inner; dur=978, cdn-cache; desc=MISS, edge; dur=0, origin; dur=1075
pragma: no-cache
server: TLB
x-tt-logid: 20231014030229684139A8BDCA5319C9CD
content-type: application/json; charset=utf-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 1075,2.16.239.9
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c1f7ef53cd7fe632b27936d3cc6e134233a62aac0e7b36d3ef420e5a4bc8fd42f55e0ef0b57b02add494be5d2254885c8cab4525d30483917f4eddaf4fec336e8a3844df970e6a6185b237ab5bd62a63b
expires: Sat, 14 Oct 2023 03:02:31 GMT

GET
H2 200 img-embed-controller-play-50633fd697e3a54c76c42c2a03aab3ea.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 33C3 1 KB
1 KB 12ms
11ms Image
image/svg+xml 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-controller-play-50633fd697e3a54c76c42c2a03aab3ea.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1487bfed1f532d8cff7ec61ac6bb53dc91e8745905444ba4fdb237eb19071cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbcecd6
date: Sat, 14 Oct 2023 03:02:30 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: UGM/1pfjpUx2xCwqA6qz6g==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 569
last-modified: Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id: iad-1:qfFS3BiMaLkDSsbIDtXPsB_HQOnikI3SfHEi22TI1fgXlEHcAZVJJqwp0N6mqXjY
x-api-id: native
etag: 86abffbf-41cd-4560-8528-68b1d12f643c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/svg+xml
version-id: a68f504c-432d-48f4-a96a-8159167c4d4b
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:30 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 60D2 0
54 B 234ms
232ms Ping
image/gif 2a00:1450:4019:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lnpgch0q&c=2474829761964&slotId=1237414880982&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4019:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 33C3 0
0 133ms
103ms Ping
application/json 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.0beb9a8cc31ba28fc6d9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 33C3 0
0 131ms
102ms Ping
application/json 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.0beb9a8cc31ba28fc6d9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame 33C3 21 B
1007 B 104ms
103ms XHR
application/json 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 89,2.17.22.20
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=4, inner; dur=1
Content-Length: 21
Pragma: no-cache
Server: TLB
X-Tt-Logid: 202310140302305D1A5E5C7F51BFCC98A7
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 4,184.25.157.161
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c56feddd0b1fe7ee0d5d37cdc1ba8689d976100fbbfd62591e75b77fc857554ccfeb24bd5024201a610b7f572c461a65123b902a25c979008b7f15aad3d010af654c0513e0b21ad86f24deed1a653a82b9abbeba82e86983e016fcb092c20273c
Expires: 0

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 100ms
100ms Preflight 2.17.22.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-24.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: TLB
Server-Timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=87
X-Origin-Response-Time: 87,2.17.22.20
X-Tt-Logid: 20231014030229CF561140DE0D69CC2659
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c7d5aed2069c0b0378acdbe3ce3ea3d73a4e8f9dc0fd9a8b95e2249322df633cca1c844117572ec704f6b6f53ffe7bc99413a8c66a162c070e4e121f930d0002f80d8a646a062164eb537e37e9530fc0c
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ Frame 60D2 23 KB
2 KB 21ms
21ms XHR
text/xml 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?sv_content_id=459050&site_full_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&width=400&height=250&aid=806472&top_domain=get.aidrestore.com&multi-ads=1&rawg=1&pods=10&minbitrate=240&maxbitrate=720
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 75548f6f9def97a9d3418586ed74ff0d4893cd6c18ff8463a26a62ba85a3ca9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1650

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC84MDA4NTAvYWZmM...
s-img.idealmedia.io/g/17374441/370x209/-/ 4 KB
4 KB 84ms
33ms Image
image/webp 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.idealmedia.io/g/17374441/370x209/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC84MDA4NTAvYWZmMjBiMjkwYjBjMmJmNjc4MjU0NmE5YWE1OGI2MTIuanBn.webp?v=1697252550-qlTRavPqfoRLlh4GkoilLhRukYlX5p_7U-YgQ87p9Cg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3a6ec39f712794344a7947b9aee57bec50fc446a9cf85adfd835ae967094f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://get.aidrestore.com/
Origin: https://get.aidrestore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-mg-request-uuid: 7a2db50f-f76f-4d92-b278-8a55a383b270
alt-svc: h3=":443"; ma=86400
content-length: 4150
last-modified: Mon, 09 Oct 2023 16:30:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 815c957bb9831a49-FRA
expires: Sun, 15 Oct 2023 03:02:31 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjAwLHlfNDAxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTEwL...
s-img.idealmedia.io/g/17432065/370x209/-/ 19 KB
19 KB 98ms
47ms Image
image/webp 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.idealmedia.io/g/17432065/370x209/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjAwLHlfNDAxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTEwLzgyMTYxOS85ZTQ1NDYyODFkMmJhYjFkOTU0ODU3NjNiYzg5OGIwZi5wbmc.webp?v=1697252550-uCRvjpxgw3T1k-K0stts_gDNv6-yWd_RYvsN7yBLrgg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5743a640f5838518f2e9642b50e20d0df49991d91de1a491ac946c73e52cca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://get.aidrestore.com/
Origin: https://get.aidrestore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: EXPIRED
x-mg-request-uuid: d88a90a7-d352-4830-bf46-f66836177d80
alt-svc: h3=":443"; ma=86400
content-length: 19214
last-modified: Thu, 12 Oct 2023 17:34:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 815c957bb9821a49-FRA
expires: Sun, 15 Oct 2023 03:02:31 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8zNjk0MDMvZjliN...
s-img.idealmedia.io/g/16842659/370x209/-/ 7 KB
7 KB 85ms
34ms Image
image/webp 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.idealmedia.io/g/16842659/370x209/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8zNjk0MDMvZjliNmZiZDY4NjUxOTI2ZGY2ZGFjZDU2MmJjMTU0MGYucG5n.webp?v=1697252550-icaF-FK7L1iSN9ngF9W_nxSqRlQ5W0PBIS8oOhX9kqE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d07ca5ea64fc30cf056556997721e30cd72321a323821404901646eb9c64008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://get.aidrestore.com/
Origin: https://get.aidrestore.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-mg-request-uuid: 9e5fdde9-d36b-4481-bb0f-5f472cf988d5
alt-svc: h3=":443"; ma=86400
content-length: 6804
last-modified: Thu, 28 Sep 2023 11:24:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 815c957bb9811a49-FRA
expires: Sun, 15 Oct 2023 03:02:31 GMT

GET
H2 206 75f11ebb8da053584e28cadafe9740d3.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-07/369403/ 312 KB
313 KB 73ms
21ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-07/369403/75f11ebb8da053584e28cadafe9740d3.mp4?v=1697252550-bp9u4uKVj4xzIwQVPDbb7TrAIvDYGoFqyqo4aE1ekMI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c793bed96a1cbf28467d383a3c9c82ecaab7261887bf1f87fd67ae97cbc90502

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.aidrestore.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 509595
Content-Range: bytes 0-319206/319207
server-timing: cld-fastly;mitm=cpo;dur=31;cpu=1;start=2023-07-19T15:00:59.184Z;desc=miss,rtt;dur=0,cloudinary;dur=23;start=2023-07-19T15:00:59.190Z
alt-svc: h3=":443"; ma=86400
Content-Length: 319207
last-modified: Wed, 19 Jul 2023 15:00:59 GMT
server: cloudflare
etag: "2fc3e9eb5efd4827d2af74d89f423d5f"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 815c957bcd57199b-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 43ms
42ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fmed&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252550984&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td4_tt1_pd4_la4000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 49ms
44ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fhigh&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252550987&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td4_tt1_pd4_la4000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
143 B 232ms
225ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F58302844%2Fat_fakty_oct&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252550990&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td4_tt1_pd4_la4000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 55ms
49ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Flow&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252550992&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td4_tt1_pd4_la4000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 52ms
48ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252550995&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td4_tt1_pd4_la4000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 49ms
48ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22724712014%2C58302844%2Fca-video-pub-9857612698505806-tag%2FAdtelligent_C1_1x1v&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252550999&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td4_tt1_pd4_la4000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 49ms
47ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua_mid&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551002&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td4_tt1_pd4_la4000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

20ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: de119d13-0e04-4af8-8ed3-35f16da684a4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

24ms
19ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

18ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 83c57e96-8ed5-48af-b7e4-f1173c1c7edf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

19ms
19ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 9cd7024e-f146-4f75-ba32-ccdf8abe95e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

28ms
23ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

20ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: db007404-c3f9-4467-bec5-c435deaca742
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

20ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: fdb746dd-d318-4436-8007-c01917a95adb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
103 B

24ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H2
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

19ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: d919a4d6-6b47-463f-b2e0-bedaf11bf1b4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 081bbf81-531b-4dc9-8992-b945bbab6504
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

20ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

18ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 63b382e5-536e-4e5f-ba49-6890183779a9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 63295173-f69c-4f91-b136-923e920bb105
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

20ms
19ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 15f19b27-2301-433d-a939-f32daaa8f1ce
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: c2019208-51b6-4146-a361-c2784d1353bb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

29ms
28ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

33ms
21ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: a5fdaf5b-8d62-4e20-a804-eff8cc6b1607
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 counter.php
autocounter.idealmedia.io/autocreative/ 0
66 B 279ms
254ms Image
image/gif 2606:4700::6813:9722
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autocounter.idealmedia.io/autocreative/counter.php?id=465430&pid=51266&referer=&cxurl=https://fakty.com.ua/ua/ukraine/suspilstvo/20231013-dopomoga-ukrayinczyam-yaki-zalyshylysya-v-ukrayini-chy-vyplachuyetsya-ta-yak-vidriznyty-vid-shahrajstva/&h2=lhYiY_ofmgUB0niIDuRJVw37fxoOnrDH2eShcbwW0Pk*&cbuster=1697252551090961874771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 815c957c7d796946-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/gif

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6CF3 0
10 B 16ms
14ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GQH2SQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 webmssdk_ex.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/ Frame 33C3 409 KB
130 KB 8ms
7ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Requested by: Host: sf16-secsdk.ttwstatic.com
URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbcee42
date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JOY5i10QgUHN/Pm1oN7JQg==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-parent-response-time: 13,23.33.32.244
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 132588
last-modified: Fri, 16 Jun 2023 05:21:54 GMT
opc-request-id: iad-1:4v8yN94Krvu21A_UsHSXUfiyYBd8Zqh_suW2OY39t5Tqt7S-zCMA7ZikOf0oQFRj
x-api-id: native
etag: e40a7621-2775-455f-b406-bb1cc47ba38c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 95f3a350-ab1d-468d-b639-5b320546947c
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:31 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

41ms
21ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 2e8a1ac5-b361-4bc5-ba43-f21b3359b9e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

20ms
18ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

41ms
20ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 3841ad05-a446-4573-8da5-7420f44ff85b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 118ms
118ms Preflight
application/json 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
cache-control: public, max-age=600
content-encoding: gzip
content-length: 387
content-type: application/json; charset=utf-8
date: Sat, 14 Oct 2023 03:02:31 GMT
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=13 inner; dur=1
upstream-caught: 1697252551365917
vary: Origin, Accept-Encoding
x-akamai-request-id: 11a41472.ff1f930
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-cache-remote: TCP_MISS from a23-43-56-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-origin-response-time: 13,23.43.56.119
x-parent-response-time: 94,88.221.110.119
x-tt-logid: 202310140302304C9A7D0D26E5A72A258E
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2c309a96ce9debfdf2957531f0b5b77f477ae4b9881ef7cf49d95cdfffde15c1b69414427b4b51975e7fdc2d6e163a2f79aa4e93c1e8cd6fce483ce6af4adec95ed2312ca7254d0300613790b20eafcca6
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame 33C3 1 KB
1 KB 120ms
113ms XHR
application/json 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: a7ddea37ae56f107f6edf488f071ea6f12b0965d8deb896ad3fd1de505662483

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

x-akamai-request-id: 11a832ec.ff1f9b9
date: Sat, 14 Oct 2023 03:02:31 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: gzip
upstream-caught: 1697252551502050
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 100,88.221.110.119
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=18, inner; dur=1
content-length: 383
server: TLB
x-tt-logid: 202310140302300A0385A71712B9056981
x-cache-remote: TCP_MISS from a23-43-56-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-origin-response-time: 19,23.43.56.119
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2c309a96ce9debfdf2957531f0b5b77f477542abca2ad5d58132dc4820fcb047904ec4a9496729ed7538ed5e3481955d78c92759d6a2fda028c3c83c008f4c51625d8213a0d4d93cfb890b57bc9866d4f5
access-control-allow-headers: Content-Type

GET
H2 200 common-monitors.1.5.0.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame 33C3 19 KB
8 KB 8ms
7ms Script
application/javascript 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.5.0.js
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbceee2
date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: lJMNanjiQY7KAJ1oFCsUBQ==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 7318
last-modified: Wed, 15 Feb 2023 03:17:11 GMT
opc-request-id: iad-1:a9Odx4trFHhAUHQHvPMsQRl-eFx9sgq0TArq-lOEkI_BwaZxcN8bWaD5NarH-_TF
x-api-id: native
etag: f69b14ef-715b-4897-9d2b-f2811c896f09
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: bf1061da-7f62-45be-8168-83d7b672961a
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:31 GMT

GET
DATA 200
OK truncated
/ Frame 33C3 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

activityi;dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;ua... Show response
6517501.fls.doubleclick.net/ Frame 1848
Redirect Chain

https://6517501.fls.doubleclick.net/activityi;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;...
https://6517501.fls.doubleclick.net/activityi;dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252...

504 B
389 B

40ms
38ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6517501.fls.doubleclick.net/activityi;dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html?

Requested by

Host: get.aidrestore.com
URL: https://get.aidrestore.com/w1/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

6d4bfe066ed177c4142585619c61a567a3452d2a690020ed7e0a968d8a973b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 279
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:31 GMT
expires: Sat, 14 Oct 2023 03:02:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6517501.fls.doubleclick.net/activityi;dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1

43 B
796 B

33ms
32ms

Image
image/gif

52.31.110.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1

Protocol

HTTP/1.1

Server

52.31.110.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-110-112.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 14 Oct 2023 03:02:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1
Date: Sat, 14 Oct 2023 03:02:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
d.adtelligent.com/segments/ 43 B
312 B 126ms
20ms Image
image/gif 2a0c:5c87:5205::2
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtelligent.com/segments/?id=115
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5205::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:30 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://get.aidrestore.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=7200
Content-Length: 43

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
24ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=478695864&t=event&ni=1&_s=1&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adBlocker&ea=active&el=%2Fw1%2Findex.html&_u=aCHAAEABAAQCAGAAI~&jid=&gjid=&cid=1932489114.1697252548&tid=UA-126238864-1&_gid=1528576055.1697252548&gtm=45He3ab0n81KMS7G77&z=425099597

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Oct 2023 08:16:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67571
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
adservice.google.com/ddm/fls/z/ Frame 1848 42 B
401 B 127ms
68ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html

Requested by

Host: 6517501.fls.doubleclick.net
URL: https://6517501.fls.doubleclick.net/activityi;dc_pre=CO7PsbvG9IEDFVaQ_Qcd5o4Cww;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=get.aidrestore.com;ord=%2Fw1%2Findex.html;auiddc=1754772136.1697252547;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6517501.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ Frame 60D2 23 KB
2 KB 21ms
21ms XHR
text/xml 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?sv_content_id=459050&site_full_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&width=400&height=250&aid=806472&top_domain=get.aidrestore.com&multi-ads=1&rawg=1&pods=10&minbitrate=240&maxbitrate=720
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 08eb398951b430f85a1e6a49b7225dcc35857f428d1c052bc604fa4c51a637e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1631

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 52ms
51ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Flow&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551860&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td5_tt2_pd5_la5000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 43ms
42ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fmed&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551862&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td5_tt2_pd5_la5000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 46ms
46ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fhigh&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551864&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td5_tt2_pd5_la5000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 46ms
46ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua_mid&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551866&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td5_tt2_pd5_la5000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 49ms
49ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22724712014%2C58302844%2Fca-video-pub-9857612698505806-tag%2FAdtelligent_C1_1x1v&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551868&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td5_tt2_pd5_la5000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 47ms
46ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551870&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td5_tt2_pd5_la5000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
143 B 253ms
251ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F58302844%2Fat_fakty_oct&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252551873&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td5_tt2_pd5_la5000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
59ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310110101&jk=3655793237012901&bg=!RkWlRQrNAAbFpEfJ5aQ7ADQBe5WfOPulOqQTVV5h8N0rQ1EmzTHZBhW8HCG_rAeLePlNZHV0LxwphXMQVF3WOvx8NBw0AgAAAZNSAAAACmgBBwoAS_5ZxHiR4Q_iYxFeiEtfSGqqVntdozHJfPzMmRd5yiV9M5QdBTYs3kbj18yARd2hYoh2YiaVraGW0T7EUYTvwbZ6bC2xaJDxRanybpkC8prQOXU6V9HzErAHRbt71K-afyISKiTZhszwG4zbWnFwi399r-JSLzLtKXu1YkOlr2ThtSO9qNQxCCSmi1coV0TRs8b8mDdQZLFaVAqc1oBU5cITgr7HuPRvVEmmR158WbYu56zS7sTEKiIqwRkOS7GskY5cvBcB4yYKTVDUXFyvXS9w4MgcUEiuwqu3CsGEfZVGl7XZWdiQx8emkrd0bCbjfaz6TzzSL4saRGV9XS5r6mXBU847mB1dRMPPF1qbBPC_F_ShFUfl4HJ20ZbDSAbYtB6QFnpevR_bnRF8PHt8IPCZ_ZIlBsAxjsxd6ceyXb8TzPGJiAvJudcC5OY2Wgswgz_HRn6dfM3zgsKQcXCDil-dzmLMhZomc1ssHQarhJgMevTs37sYyTP4zdLJZFu7NUtaKgePwA3Pio-kx_JvgqamR8gODH_1ugsSh_XzPPs9fH9CA8Otgtnp7yC7YWQwlMIqnXr2byvqW9fCh1JeyjWpzZopoqJLPUj7_9Q0VyB9ulwCjg1wMQzYVwJZEj9OQx2v4A-OyunFnx4UTysQ4B_z35QJjJg6AHHJs0wCMEdJ-7e1eSoD3rr259PymtfOTMGQWOh9If7mhJxADs1e-IvTufZm1jP0WzvOEe3GgVA1h5Qnf6-s6d8723_Ijntr9ON_Uzxkz272cUH30n55_U6oqMpxpx0ZIg7Xq7PTTqpdp0FU-KnR9iuukeP7EvLEtWPqqnrQhstmjKrsu-7S4uHosVYoJj0qD2pE6Xk-vFUvlR03BECnSrWA6ah78N1fR4hgpXoD9WwfaurnqOuyv2QEZVACvoR2DK6v1eRbqg7ltZ5rIUvszE6mWU5Dm5_JuUoCBm9KxLz7MOvOF8wT_2LuxZExGknoUH4xcpfnVjg5P_4xHtCD9J5Ns7n03OSATqMFWHaCvvaAieayRu57XyKMaM42y4-bYUjRy_jPZ9dDC7iOotGYI7xOyFjsnHjcT3TsTxbjg_BvQ2wY5Mr8kPE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

19ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: 7150c500-0b19-4c49-8a31-f2ec2614d014
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

33ms
24ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: f994707c-2807-4935-befb-a0925257f60d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

19ms
19ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
an-x-request-uuid: afcc75c5-f94b-4d23-919c-79568ee79483
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

33ms
24ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

33ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: e2a853a5-49ce-4cb3-8da9-fecd458b6ae7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
22ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 5ae4eed2-d4b5-4660-85ea-cf4505e2696c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

18ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 3a6d3355-66af-42fd-b9d4-da406821f571
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

24ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: d41863a5-ce3a-40f2-8822-25e41d3816b1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 67cc8057-dd6b-4fec-8919-3d70bf40b5a3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

25ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: dd5ba146-3c40-46a0-970c-708ac57a5414
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

24ms
22ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

26ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: aa832ed5-26aa-4143-b394-04a9aee6ccd1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 e748dfdea9774d6ebf6d6826e8047f59_1696794034
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 33C3 149 KB
150 KB 44ms
8ms Image
image/jpeg 184.24.77.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/e748dfdea9774d6ebf6d6826e8047f59_1696794034?x-expires=1697425200&x-signature=zmziLt9efI2fwzUkIJhGanVl5dY%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-28.deploy.static.akamaitechnologies.com
Software: TLB / ImageX
Resource Hash: 4a4a437a83282a3c2c07876afb07ed026a8fa5f9ee3fae1547deaaf9c3110339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: d6daf2b
date: Sat, 14 Oct 2023 03:02:31 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
x-tt-trace-id: 00-10d06a361064208d9adc08462a0e04d1-10d06a361064208d-01
nw-session-id: 202310081942547832572F70C7A8B79533s4ljr31df
x-powered-by: ImageX
x-cache: TCP_MEM_HIT from a23-54-207-28.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-bdcdn-cache-status: TCP_MISS
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1498624
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=53
x-length: 152697
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 152697
last-modified: Sun, 08 Oct 2023 19:42:55 GMT
server: TLB
x-tt-logid: 202310081942547832572F70C7A8B79533
x-response-date: Sun, 08 Oct 2023 19:42:55 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-10-08T19:42:55.833120532Z 48
x-request-ip: fdbd:dccd:cdc2:1104:0:1c87::
cache-control: max-age=31077634
x-response-cinfo: fdbd:dccd:cdc2:1104:0:1c87::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01bd8d764568c3f5d8f9c6455bf2af8e549d6e36e0a3714a26e39ccd135a45b7a25125a9f5c388daa456ef029ba018d99afc7f43ca99dd6f9d62bf0b6feb74a646b4e9a309bb6fee37d22da97c568bc725729465cc854b63ed92039a5e6c43d662bdbec2f59e9f8051a6b83a8408bc5a3781be91d264768b3eff89a2e4c66abca4

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

33ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 95639146-d173-474a-b951-f13e4f4c54b3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

19ms
18ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

19ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 5d2262eb-54a3-44bd-b98c-90280abeb001
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 33C3 576 B
1 KB 10ms
9ms Image
image/svg+xml 184.24.77.6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-6.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6793fa2f8d1a76e1ff51f8a83ecf5aa7ebbdc5f422196c1cdcda31f496d4d41e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: dbcf230
date: Sat, 14 Oct 2023 03:02:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: rRXocezHr63yRiTR9WgdpQ==
x-cache: TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 353
last-modified: Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id: iad-1:hG93TwtaH4m4PWElS0GTMtVFWTA53ebm-oJRC450g3XMIeMKGjPQe3DMe9d_iz31
x-api-id: native
etag: b6f7cf67-6854-4be3-86b7-2da90c3e42ed
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/svg+xml
version-id: 65ee749f-be13-4277-bc32-b277deece9ae
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 03:02:31 GMT

GET
H2 200 TikTokFont-Bold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 33C3 57 KB
58 KB 9ms
8ms Font
font/woff2 2.21.20.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Bold.woff2?_default_font=1&v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ac2037030385ad8cf10e486b44475d778eef2e2a377751fbf3c938fd3991b1c

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: b553b9a
date: Sat, 14 Oct 2023 03:02:31 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: XlPtJQhqqg0zNxAbdBRmrg==
x-cache: TCP_MEM_HIT from a23-206-213-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 58172
x-tos-request-id: f77d9655ef4892626455ef48-af54d05
x-tos-response-time: Sat, 06 May 2023 06:10:16 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 202305060610158FB20C99481ECB6ACC6E
etag: "CMGqjOWN3v4CEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1128488
access-control-allow-credentials: false
x-tt-trace-host: 018d69c6fd68364d7aa8df878b86598f5ee0770a39dd07c2cc923ae9bd8d770aaa035d77c15638749b7465e43a50ea20a6633bd141fa6c3d6df951cb80c2b2bc5d6977839dbb56e95f3bef3dd4ab229792546878bf764889c8ab0c26c96ad73e4b00e6038ba9f8212cd92ace2629fda740b7552e02cc9bd3c926c3aa3c34f8d7b46f4c113f91d9d5323463819feb84e64a
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 206
Partial Content /
v16-web-newkey.tiktokcdn.com/fde3151e0e1f8e2ca860cbedf42ff73a/652a59a1/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oY60QcefTYPKwAkGDgnAIPIORXlQCB5EbwDMbX/ Frame 33C3 3 MB
0 111ms
19ms Media
video/mp4 2.16.100.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v16-web-newkey.tiktokcdn.com/fde3151e0e1f8e2ca860cbedf42ff73a/652a59a1/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oY60QcefTYPKwAkGDgnAIPIORXlQCB5EbwDMbX/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=1820&bt=910&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=ApKJEBeUq8ZmoLGc.Q_vjSAyLAhLrus&mime_type=video_mp4&qs=0&rc=Mzw5ZDk0ZWVmNGk5NmY5OkBpMzNzdTo6ZmxqbjMzZjczM0BhNS5jLmAyNjAxYC8yMF5iYSM0aC0ycjRnNGVgLS1kMWNzcw%3D%3D&l=20231014030229684139A8BDCA5319C9CD&btag=e00090000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.100.171 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-100-171.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

X-Akamai-Request-ID: 4f209d0
Date: Sat, 14 Oct 2023 03:02:32 GMT
X-Expires-MS: 1696794810801
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
X-Cache: TCP_HIT from a2-16-100-167.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
X-Bdcdn-Cache-Status: TCP_HIT
Content-Range: bytes 0-14318741/14318742
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT, edge; dur=2, inner; dur=13
Content-Length: 14318742
X-Storagegw-Request-Id: 20231008194321510CFB315420B4F4B128
Last-Modified: Sun, 08 Oct 2023 19:41:12 GMT
Server: TLB
X-TT-LOGID: 202310081953288B58716172AF63F00CED
ETag: "3df38bee0b2a57441e51c4ad69c90419"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sun, 08 Oct 2023 19:43:22 GMT
x-request-ip: fdbd:dccd:cdc2:13d3:0:13e::
X-Origin-Response-Time: 36,23.43.56.159
x-response-cinfo: fdbd:dccd:cdc2:13d3:0:13e::
x-tt-trace-host: 0146027c2092bcd6d0fb6e4c44cd47f47da256d511edcaae76d9d1ac305c7caa5a9c36602457d57f7b4065340f0c985b197c6a4c19514999a1f60ae9b7bbfa39e51cadc4e4af083ed424c68f36cab0ff548eef3110fc8ee8ec82aa646066f0ed448f8f20e5e028a3944dc279ecdb3a24d29968b79ad0c9a9f900beab462d2bb05fda4e1c78f5bca4a83334d5bf49787af63429b206dade9ac7ba753542381fc4f4
Accept-Ranges: bytes
x-response-cache: edge_hit
Cache-Control: max-age=2592000

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

26ms
26ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 43d2abf2-4e68-4337-950c-49660e9f6a57
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
25ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:31 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

26ms
25ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 0c3cdb9d-3f34-4f7a-bf09-4c99bd25bc44
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 115ms
114ms Preflight 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:32 GMT
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=12 inner; dur=3
x-akamai-request-id: 459f1c62.ff1fcce
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-cache-remote: TCP_MISS from a23-43-56-173.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-origin-response-time: 12,23.43.56.173
x-parent-response-time: 101,88.221.110.119
x-tt-logid: 2023101403023133B27481878E8912C7A2
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2c304590ab35f517c99f4d27aaf27358c0d0974b79c2af0e924540c5b7e859d69fb8c78eff1615df61ba973d991331794c898bf079fc968376b0b7a49aa851b9256dad590f0dcce0602b965a7c2d70ce27
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 33C3 0
855 B 266ms
266ms XHR
application/json 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

x-akamai-request-id: 341bd979.ff1fd52
date: Sat, 14 Oct 2023 03:02:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 252,88.221.110.119
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=MISS, edge; dur=239, origin; dur=13, inner; dur=3
server: TLB
x-tt-logid: 20231014030231B2A017944512611434F1
x-cache-remote: TCP_MISS from a23-43-56-116.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-origin-response-time: 13,23.43.56.116
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2c7ea88c4900343977c8ec77cad431eda4993cc2767d766674964f65741313257c1d2f0d089080f352040606af2f784de98ccdccebd2e6a95232eaf6aeb28f3eebc909fd319c9238fd0ade7d497613698d
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV

GET
H/1.1

200
OK

player Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3
Redirect Chain

https://live-ictv.mw-01.cosmonova-broadcast.tv/player?autoplay=true
https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true

6 KB
6 KB

294ms
48ms

Document
text/html

95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 7fb5c5c1f21c6ce7d4674394eee8f6b382c65598d02eac7146963abf4da8608c

Request headers

Referer: https://get.aidrestore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 5853
Content-Type: text/html
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: fasthttp

Redirect headers

content-length: 161
content-type: text/html
date: Sat, 14 Oct 2023 03:02:32 GMT
location: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
server: nginx/1.14.2

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 109ms
109ms Preflight 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:32 GMT
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=14 inner; dur=4
x-akamai-request-id: 10e279e3.ff1fe02
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-cache-remote: TCP_MISS from a23-43-56-135.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-origin-response-time: 14,23.43.56.135
x-parent-response-time: 94,88.221.110.119
x-tt-logid: 20231014030231337C4F55FAA7AF264C2D
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2ca130550376e6ed287e7cda0da5c6fbec63258e14e3074ebbf3e4a5b62636ebb7dd1d9c1d46a28203ab92b701feeb99ec76db6c83b78dad0556b4c9cd2547366120cd10be230f2b905011d808c4802946
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 33C3 0
853 B 108ms
107ms XHR
application/json 88.221.110.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.123 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-123.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

x-akamai-request-id: 11a833cd.ff1fe5b
date: Sat, 14 Oct 2023 03:02:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a88-221-110-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 91,88.221.110.119
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=11, inner; dur=3
server: TLB
x-tt-logid: 202310140302310CA2C308ED44033ABD04
x-cache-remote: TCP_MISS from a23-43-56-119.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-origin-response-time: 11,23.43.56.119
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c55214ecefb98db89d3a33426c4360e2c309a96ce9debfdf2957531f0b5b77f471c25d738e9a97ca1399361005181f5951c854ec160503be28e22f517fd36bf29d505d4da0937bd32897025b524b84129c7c6562f1bbe62f747ac5ed81aeff4b2
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ Frame 60D2 23 KB
2 KB 25ms
25ms XHR
text/xml 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?sv_content_id=459050&site_full_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&width=400&height=250&aid=806472&top_domain=get.aidrestore.com&multi-ads=1&rawg=1&pods=10&minbitrate=240&maxbitrate=720
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: bcb7aa122ab0fdef3cd8219ffcf7dacb1127469f6f2a3b7dd39cff3650d3c449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:31 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1718

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 48ms
48ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252552696&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td6_tt3_pd6_la6000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 48ms
47ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Flow&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252552698&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td6_tt3_pd6_la6000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 48ms
47ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fmed&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252552700&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td6_tt3_pd6_la6000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 46ms
45ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua_mid&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252552701&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td6_tt3_pd6_la6000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
143 B 248ms
248ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F58302844%2Fat_fakty_oct&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252552703&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td6_tt3_pd6_la6000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 48ms
47ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22724712014%2C58302844%2Fca-video-pub-9857612698505806-tag%2FAdtelligent_C1_1x1v&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252552705&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td6_tt3_pd6_la6000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 48ms
48ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fhigh&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252552708&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td6_tt3_pd6_la6000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

23ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 1de4e058-95ae-4457-92d6-23e6ffe94160
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

21ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: d0a71649-c099-424c-997b-20846180e2f4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

25ms
20ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: cec01578-36d7-417c-a2bb-a5c7674f04fa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

20ms
19ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

25ms
20ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: eda46e81-69f3-4ff8-8caf-a4e9175bbaad
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

19ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 8de55802-1418-43fb-9a03-9512f11b5598
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

21ms
19ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

19ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: dbd1a7cc-22d6-4a25-a47b-2d105e91df1c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

20ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 70f93027-b80a-40aa-b2af-f074c0494de6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

24ms
22ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 7cc6c101-5522-40da-9a7c-e750a772c0b6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 0106b3a7-d287-4832-a061-ef724225d9d5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: bb071af7-8611-4407-b73c-ec79d3a22f71
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

19ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: cf438aa3-6e15-458d-b78a-4722fb15ec20
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
19ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 66a9494a-43e9-4e67-99d6-90f13fde8b28
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

18ms
17ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 25d167df-10b4-4318-b25c-4ea836cc59c7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:32 GMT
an-x-request-uuid: 37b14544-88e4-470c-afc7-ab8721958ad7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-57RZ078QNH&gtm=45je3ab0&_p=478695864&cid=1932489114.1697252548&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697252547&sct=1&seg=0&dl=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dt=%D0%94%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%86%D1%8F%D0%BC%2C%20%D1%8F%D0%BA%D1%96%20%D0%B7%D0%B0%D0%BB%D0%B8%D1%88%D0%B8%D0%BB%D0%B8%D1%81%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%3A%20%D1%88%D0%B0%D1%85%D1%80%D0%B0%D0%B9%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D1%85%D0%B5%D0%BC%D0%B8%202023&en=adblock&ep.article_date=2023-10-13&_et=14
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57RZ078QNH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.aidrestore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.aidrestore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK style.css
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/ Frame 8AD3 5 KB
5 KB 43ms
42ms Stylesheet
text/css 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/style.css?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 47ca9ff5e5d3c4a3ca42d3cb20d29c6dfd5a6e04c10e1abff2c1ab33c1d2c31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Fri, 08 Oct 2021 07:27:59 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 4659
Content-Type: text/css; charset=utf-8

GET
H/1.1 200
OK video-js.min.css
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/ Frame 8AD3 39 KB
39 KB 85ms
41ms Stylesheet
text/css 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/video-js.min.css?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: ca0820a63d0f72f2ecc25d055b7c11b38015d108deb19483da303b28b331ee9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 40159
Content-Type: text/css; charset=utf-8

GET
H/1.1 200
OK videojs-max-quality-selector.css
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/ Frame 8AD3 960 B
1 KB 123ms
40ms Stylesheet
text/css 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/videojs-max-quality-selector.css?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 3ddb8380ccd9f6363f3405f93fcd4a9ea184e41ec0afd86b601eb09d512fc539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 960
Content-Type: text/css; charset=utf-8

GET
H/1.1 200
OK videojs.vast.vpaid.min.css
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/ Frame 8AD3 2 KB
2 KB 133ms
40ms Stylesheet
text/css 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/css/videojs.vast.vpaid.min.css?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 265cfd4e7cf6e19df72e987d49834238c8a08cf0b1a29943428f2a8c038d81fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Fri, 08 Oct 2021 07:27:59 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 1991
Content-Type: text/css; charset=utf-8

GET
H/1.1 200
OK facebook.svg
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/ Frame 8AD3 3 KB
3 KB 138ms
40ms Image
image/svg+xml 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/facebook.svg
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: aea91dbfe71cc8b28ffd85be6f56ae2ae5ea38738412be3aed367ca309ed1fcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 2744
Content-Type: image/svg+xml

GET
H/1.1 200
OK youtube.svg
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/ Frame 8AD3 4 KB
4 KB 139ms
41ms Image
image/svg+xml 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/youtube.svg
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: ea23c355e90abfb08c2dc82dfe1ded590268401fa6615b8ea2d3f80d5cfe86e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 4117
Content-Type: image/svg+xml

GET
H/1.1 200
OK apple.svg
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/ Frame 8AD3 3 KB
3 KB 41ms
40ms Image
image/svg+xml 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/apple.svg
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 798d22c9c2387399b84903c46c89ee2962b89b7d3f615abd5e34c36eecdfdbfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 3210
Content-Type: image/svg+xml

GET
H/1.1 200
OK login.svg
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/ Frame 8AD3 3 KB
3 KB 43ms
42ms Image
image/svg+xml 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/img/login.svg
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 46b1a9d0a7c7ef21acaf8dea42010bf0ec7fb6ee41b4908e096b9e5159c813de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 2794
Content-Type: image/svg+xml

GET
H/1.1 200
OK video.min.js Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/ Frame 8AD3 545 KB
545 KB 127ms
41ms Script
text/javascript 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 92976cb106e8f7ad8112d192a6159b08b31838bb76fb271ede2e87e80f654055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 557568
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK videojs-contrib-quality-levels.min.js Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/ Frame 8AD3 3 KB
3 KB 41ms
40ms Script
text/javascript 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/videojs-contrib-quality-levels.min.js?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: ed2211063010466708a4737203d986534b7cf827143c19941b7ccbd36d214a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 2728
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK videojs-max-quality-selector.js Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/ Frame 8AD3 7 KB
7 KB 42ms
41ms Script
text/javascript 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/videojs-max-quality-selector.js?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: c4c0dbd56ce4aa05934063e014daca865dd381ed92fc34902031752ac29b21c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Mon, 05 Jul 2021 12:59:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 7323
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK videojs_5.vast.vpaid.min.js Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/ Frame 8AD3 104 KB
104 KB 40ms
40ms Script
text/javascript 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/videojs_5.vast.vpaid.min.js?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 752defaa2948795aae8f114822045300f32a91ae8e256e66719ad4a17c7dd0f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Fri, 08 Oct 2021 07:27:59 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 106284
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK app.min.js Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/ Frame 8AD3 16 KB
16 KB 42ms
42ms Script
text/javascript 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/app.min.js?v=3.9.7
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 1d9f90ee3dd7bc95a5d1ccca7cdfd6590e47f237cdf86f44198ccc8a3ffa056e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Last-Modified: Wed, 28 Jun 2023 14:27:29 GMT
Server: fasthttp
Accept-Ranges: bytes
Content-Length: 16066
Content-Type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8AD3 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK report Show response
mssdk-va.tiktok.com/web/ Frame 33C3 44 B
1 KB 179ms
131ms XHR
text/plain 23.36.162.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswVOQDG5Zp5ztTaDTPVeovgE
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-200.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: a5b322c9
Date: Sat, 14 Oct 2023 03:02:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a23-206-213-200.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
Server-Timing: inner; dur=38, cdn-cache; desc=MISS, edge; dur=0, origin; dur=124
Connection: keep-alive
Content-Length: 44
X-Ms-Token: QCcS_H7cJBgVqiItIg31-xKKzDNH61LOxPNTjshBE7SeZoXHSDLoe1lH8xO7wxUGIDVVNXSb16G2u4nS_LXavHAdnCFF8i1vKZjawwvcAsDl-ahgWuig
Pragma: no-cache
Server: TLB
X-Tt-Logid: 2023101403023285B28D9C1A5D97327B96
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 124,23.206.213.200
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c371d31fd9c2537099cce10b5868da145bc44e6de00cd358b263c2f49305ca8dd6e55d24d56072b4c9d6c7cc4ebf571b6a8390f276d936257d4ba02e59e493436373ee411491bc517c397781e5f1bb2de
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Sat, 14 Oct 2023 03:02:33 GMT

GET
H2 200 / Show response
analytics.cosmonova.net/js/ Frame 8AD3 64 KB
21 KB 259ms
80ms Script
application/javascript 95.67.6.36
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.cosmonova.net/js/
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/app.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.67.6.36 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS
Software: nginx/1.14.2 / PHP/7.4.13
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2023 13:49:56 GMT
server: nginx/1.14.2
x-powered-by: PHP/7.4.13
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate
content-disposition: inline; filename=matomo.js
content-length: 21420
expires: Tue, 24 Oct 2023 03:02:33 GMT

GET
H2 200 3b3cc708-2975-47f1-b1bb-2fbf829e58ea.jpg
live-ictv.cdn-01.cosmonova.net.ua/vod/main/72a6b012-36e8-4776-b331-9a9e5682c787/ Frame 8AD3 29 KB
30 KB 445ms
187ms Image
image/jpeg 95.67.116.178
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-ictv.cdn-01.cosmonova.net.ua/vod/main/72a6b012-36e8-4776-b331-9a9e5682c787/3b3cc708-2975-47f1-b1bb-2fbf829e58ea.jpg?x=EFqbE7M-ryqOLraMQbdGRw
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.178 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn1.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: c2df89191160fa68f2787c549ac0c3a93a185d5e1347a14927bd280b7d6496ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
last-modified: Thu, 30 Mar 2023 15:58:38 GMT
server: nginx/1.19.6
etag: "6425b1ae-7555"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 30037

GET
DATA 200
OK truncated
/ Frame 8AD3 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://live-ictv-02.mw-01.cosmonova-broadcast.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ Frame 60D2 23 KB
2 KB 22ms
21ms XHR
text/xml 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?sv_content_id=459050&site_full_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&width=400&height=250&aid=806472&top_domain=get.aidrestore.com&multi-ads=1&rawg=1&pods=10&minbitrate=240&maxbitrate=720
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: a42d640dc340d4ed80df1fc5540048e91057b00bce17d2ba587f2d78ba9fb3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:32 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1591

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 45ms
45ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Flow&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252553723&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td7_tt4_pd7_la7000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 45ms
44ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fmed&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252553726&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td7_tt4_pd7_la7000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 44ms
44ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fhigh&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252553729&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td7_tt4_pd7_la7000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 44ms
44ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua_mid&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252553732&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td7_tt4_pd7_la7000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 44ms
44ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22724712014%2C58302844%2Fca-video-pub-9857612698505806-tag%2FAdtelligent_C1_1x1v&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252553734&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td7_tt4_pd7_la7000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 47ms
47ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252553737&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td7_tt4_pd7_la7000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
143 B 206ms
204ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F58302844%2Fat_fakty_oct&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=454057032598734&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252553741&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td7_tt4_pd7_la7000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK master.m3u8 Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 935 B
1 KB 42ms
42ms XHR
application/vnd.apple.mpegurl 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/master.m3u8?key=Lc1kXIfkFzSrv0gBwLs1
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: e01eb749e755784605efbc23b891ff3ba9d645bb24b603697e315c16076e539c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Oct 2023 03:02:33 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Content-Length: 935
Content-Type: application/vnd.apple.mpegurl

GET
BLOB 200
OK 3bf78f7a-a3e7-4798-bfec-e8bb835e236d
https://live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://live-ictv-02.mw-01.cosmonova-broadcast.tv/3bf78f7a-a3e7-4798-bfec-e8bb835e236d
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c7ffc01cef95bfad089258bb39a526664df2a843e805d74d373c3071aaa2ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 3ddeb765-ec27-478b-aa91-67836ea1dad5
https://live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://live-ictv-02.mw-01.cosmonova-broadcast.tv/3ddeb765-ec27-478b-aa91-67836ea1dad5
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba99b322bb33b25c14acad374a4f2ff955a7867e0cb9dd77bf610881fa7b8fb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 76406
Content-Type: application/javascript

GET
BLOB 200
OK eea4a2e5-d2e1-42e1-a51a-e2543bfb8f6e
https://live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://live-ictv-02.mw-01.cosmonova-broadcast.tv/eea4a2e5-d2e1-42e1-a51a-e2543bfb8f6e
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba99b322bb33b25c14acad374a4f2ff955a7867e0cb9dd77bf610881fa7b8fb4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 76406
Content-Type: application/javascript

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

22ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: 5b8aac57-43dc-4a42-ab65-a5a948ca6bb3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

24ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

22ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: 878aca14-0312-4494-b361-a428f0d77957
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

23ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: f6ef36b7-f403-42bb-abf4-6c1cba69eaed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

19ms
18ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

23ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: 1b4e7b18-6ce8-4c1c-b093-40450a2b68e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

25ms
24ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: 7d1fb546-90c7-433f-a137-8a220aa1a646
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

18ms
17ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: cb4f1704-163f-4111-acc9-eeb8ce6db524
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

24ms
23ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: 62ff0810-74f0-4ec1-b72a-a297b2dc2ae9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

22ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

23ms
22ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: ef4c5ed2-14b2-4101-8502-f544a1283679
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

23ms
22ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: a7d287ee-0fad-45e8-9c6d-51f7f2fda4e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

20ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

22ms
22ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: 318a0031-ec38-4025-aabc-7d2e32fb5e4a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: ffcff2f5-cc65-41ee-8dbc-d2b5256bebf4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:33 GMT
an-x-request-uuid: d9631f28-fd0b-4166-bf6f-612d7d7953c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ICTV_video_low_.m3u8 Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 569 B
781 B 43ms
42ms XHR
application/vnd.apple.mpegurl 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/ICTV_video_low_.m3u8?key=Lc1kXIfkFzSrv0gBwLs1
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 0efd224d2e47c15c4b9c563f2004fd97a96b635073158a8135cb55c017570700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Oct 2023 03:02:33 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Content-Length: 569
Content-Type: application/vnd.apple.mpegurl

GET
H/1.1 200
OK ICTV_audio_ukr_low_.m3u8 Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 585 B
797 B 44ms
41ms XHR
application/vnd.apple.mpegurl 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/ICTV_audio_ukr_low_.m3u8?key=Lc1kXIfkFzSrv0gBwLs1
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: fe195aa91d880ebd436a3fbf8740dfd8549940d3aa277124406f3e13b267b71e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Oct 2023 03:02:33 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Content-Length: 585
Content-Type: application/vnd.apple.mpegurl

GET
H2 200 ICTV_video_low_52360.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 463 KB
463 KB 489ms
260ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_video_low_52360.ts?x=X5l9jCMsGB29F7NJQWbbRw
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: 83c7a4e13dbe7a711b0575c322c375f2717132312127ea688b30aff0831274c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:34 GMT
last-modified: Sat, 14 Oct 2023 03:02:17 GMT
server: nginx/1.19.6
etag: "652a04b9-73aa0"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 473760

POST
H2 204 /
analytics.cosmonova.net/js/ Frame 8AD3 0
150 B 121ms
120ms Ping
text/plain 95.67.6.36
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.cosmonova.net/js/?action_name=&idsite=2&rec=1&r=441833&h=5&m=2&s=33&url=https%3A%2F%2Flive-ictv-02.mw-01.cosmonova-broadcast.tv%2Fplayer%3Fautoplay%3Dtrue&urlref=https%3A%2F%2Fget.aidrestore.com%2F&_id=8cb2b2f35d5cc63f&_idn=1&send_image=0&_refts=1697252554&_ref=https%3A%2F%2Fget.aidrestore.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=kWdEcg&pf_net=247&pf_srv=47&pf_tfr=1&pf_dm1=511&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: analytics.cosmonova.net
URL: https://analytics.cosmonova.net/js/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.67.6.36 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS
Software: nginx/1.14.2 / PHP/7.4.13
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://live-ictv-02.mw-01.cosmonova-broadcast.tv
date: Sat, 14 Oct 2023 03:02:34 GMT
access-control-allow-credentials: true
server: nginx/1.14.2
x-powered-by: PHP/7.4.13

GET
H2 200 ICTV_audio_ukr_low_52360.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 51 KB
52 KB 280ms
84ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_audio_ukr_low_52360.ts?x=cRgiZN5aGd4-ytDDsX1PlQ
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: 87a3e8409701453bb601a62c9e978e383425a1014eeb86cd5b10769491e90ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:34 GMT
last-modified: Sat, 14 Oct 2023 03:02:17 GMT
server: nginx/1.19.6
etag: "652a04b9-cda0"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 52640

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

29ms
28ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:34 GMT
an-x-request-uuid: 1ea79640-bfe4-4c15-aa4f-a05d7d60d265
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

49ms
44ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:34 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

29ms
29ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Server: Adtelligent
Etag: abc2268011750c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:34 GMT
an-x-request-uuid: d11bff83-6b71-4e9a-b932-8ce4737a225c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame 33C3 0
0 109ms
106ms Fetch
application/json 88.221.110.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.74 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-74.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

x-akamai-request-id: e9542b5.198efd1
date: Sat, 14 Oct 2023 03:02:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a88-221-110-70.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-parent-response-time: 93,88.221.110.70
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=MISS, edge; dur=80, origin; dur=14, inner; dur=3
server: TLB
x-tt-logid: 2023101403023451CD4A41DA6DEB376946
x-cache-remote: TCP_MISS from a23-43-56-140.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-origin-response-time: 14,23.43.56.140
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139cc73f7c256f311d5827c041e1a75d9797a9c8dbdf64cc6188023b91e1808d262cf8aaeda71554e977e52d47ccfb7d840e125036ae551561bc8b6edc3e04eb366e612ec9016cd92d80b50705c6737dd07a9dabe2e7a1e48f2ef6e20dcc15062423
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV

POST
H/1.1 200
OK report Show response
mssdk-va.tiktok.com/web/ Frame 33C3 44 B
2 KB 170ms
169ms XHR
text/plain 23.36.162.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswVOQDVqzr5ztTaDT-VeovZx
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-200.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: 8679cd4.a5b3238a
Date: Sat, 14 Oct 2023 03:02:34 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a23-206-213-200.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
X-Parent-Response-Time: 159,23.206.213.200
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=73, inner; dur=70
Content-Length: 44
X-Ms-Token: k2OCLQZNliseI601mUdniwVYGv401_CSwfaGZgxSXV4j-eL7XsZeLeZAzq3dwjwPJxeB0cVyC_-SeXnrRFYEpfPZja0BrphS-eDfSv0Bee-PI7rSn-g0
Pragma: no-cache
Server: TLB
X-Tt-Logid: 2023101403023398B2E355A0604F0ED5E5
X-Cache-Remote: TCP_MISS from a23-220-104-205.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 73,23.220.104.205
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139c371d31fd9c2537099cce10b5868da14589de366991a422b2fcbf7c8ac6c9577e64425910def76504fee73339e719100e99a6464e006e6f954a2aedcb4ee21827e62f0c7fc0bf6d52ca4309b9b9497efebb621c72c0452ffa9e4b1148305efff1
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Sat, 14 Oct 2023 03:02:34 GMT

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ Frame 60D2 23 KB
2 KB 24ms
24ms XHR
text/xml 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?sv_content_id=459050&site_full_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&width=400&height=250&aid=806472&top_domain=get.aidrestore.com&multi-ads=1&rawg=1&pods=10&minbitrate=240&maxbitrate=720
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ae5c0caafe32f95d54cf598339614f4612448e531a9210640196961273411a4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:33 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1645

GET
H2 200 ICTV_audio_ukr_low_52361.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 51 KB
51 KB 87ms
87ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_audio_ukr_low_52361.ts?x=pnsC7n7CkLEAK8MjyhSMAQ
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: 4e03740b66e0021e553fd2c582c71cc1e2a53fa7999ef0cf3be8af6a3bcae35f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:34 GMT
last-modified: Sat, 14 Oct 2023 03:02:21 GMT
server: nginx/1.19.6
etag: "652a04bd-cb6c"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 52076

OPTIONS
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 630ms
113ms Preflight 88.221.110.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.110.74 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-110-74.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 03:02:35 GMT
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=13 inner; dur=3
x-akamai-request-id: 10b477c5.198efaf
x-cache: TCP_MISS from a88-221-110-70.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-cache-remote: TCP_MISS from a23-43-56-151.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-origin-response-time: 13,23.43.56.151
x-parent-response-time: 95,88.221.110.70
x-tt-logid: 20231014030233A0C452228F91F3362F0C
x-tt-trace-host: 0108537ecf4ccba81adec80671096b139cc73f7c256f311d5827c041e1a75d979706627f442653c05bd6b34c3e942e540c1b2a3c6e223d87cad84c645051f3bb2dd7ebf1f84aab400b935f5faa0a44fa601cdd2b17ba8335e88e624d61b44801a358297868921775ebe34fed10f562a111
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 55ms
49ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fhigh&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4307919109590544&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252554961&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td8_tt5_pd8_la8000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 52ms
46ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22724712014%2C58302844%2Fca-video-pub-9857612698505806-tag%2FAdtelligent_C1_1x1v&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4307919109590544&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252554964&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td8_tt5_pd8_la8000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 55ms
46ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua_mid&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4307919109590544&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252554966&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td8_tt5_pd8_la8000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 59ms
50ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F8570%2C58302844%2Fbidmatic%2Ffakty.com.ua&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4307919109590544&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252554968&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td8_tt5_pd8_la8000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
143 B 226ms
219ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F58302844%2Fat_fakty_oct&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4307919109590544&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252554970&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td8_tt5_pd8_la8000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 49ms
44ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Fmed&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4307919109590544&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252554973&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td8_tt5_pd8_la8000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 60D2 156 B
142 B 71ms
46ms XHR
text/xml 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F22906616360%2C58302844%2Ffakty.com.ua%2Fvideo%2Flow&description_url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&tfcd=0&npa=0&sz=1x1%7C400x300%7C444x250%7C480x360%7C600x252%7C640x360%7C640x480%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4307919109590544&ad_type=audio_video&cust_params=strategy%3D&media_url=https%3A%2F%2Ffiles.bidmatic.io%2Fvideo-service%2Fdada366b63c78a6bf291cceb3e5f46ff.mp4&vad_type=linear&sdkv=h.3.595.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=4144679779&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&sid=64ADACBB-B51E-4325-8FF5-519CD02BAD0D&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797965%2C44801604&url=https%3A%2F%2Fget.aidrestore.com%2Fw1%2Findex.html&dlt=1697252546572&idt=2944&dt=1697252554975&cookie=ID%3Dacd6303b414344e3%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA&gpic=UID%3D00000c97b0ad1893%3AT%3D1697252548%3ART%3D1697252548%3AS%3DALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg&scor=3368618546975339&ged=ve4_td8_tt5_pd8_la8000_er1515.484.1871.1116_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ICTV_audio_ukr_low_52362.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 51 KB
52 KB 100ms
83ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_audio_ukr_low_52362.ts?x=BLn5sCYTnsnUG_1vosr7lw
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: e30b313fa4a5393e5a1d15ed3cf331349e32584227654320d0a58daa3a14d490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
last-modified: Sat, 14 Oct 2023 03:02:24 GMT
server: nginx/1.19.6
etag: "652a04c0-cda0"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 52640

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

24ms
21ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 59b21933-f69a-4a2f-aec2-f35fb7a06d04
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

20ms
19ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

24ms
19ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 7b8aa9f8-865c-4df0-a5ba-afbae7e81f9f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

24ms
21ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 157e535a-8309-495c-a023-b3cd31992601
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

22ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

25ms
19ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 347aaf7a-448d-4ed8-a289-825e0369ba6c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

20ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 496063b0-0fe0-4f90-bb28-8107b5167abc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

20ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 27b2bf68-d654-4615-89c3-8247b514860c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

20ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 42a4e9ba-b39d-4b69-ae04-ae140348d65d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

21ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: caf5bf4f-63cb-478c-8f2d-817dba39c6c8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

24ms
20ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: fa33a430-7e10-4756-9ff9-6b1066cfb6c7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

25ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 636c9946-977b-45ff-86a0-efac1229ee17
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

18ms
18ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 9efc08e8-e895-4120-b547-806969a1cac6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

23ms
21ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

18ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 3d337068-658d-46f1-9172-d6638952e2ea
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ICTV_audio_ukr_low_52363.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 51 KB
51 KB 85ms
84ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_audio_ukr_low_52363.ts?x=zXu71MbAjKKYqxuyPIMToQ
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: 47cf724a03e0903a996c75f997b08f636934ddd28848dfdbae0ca55827338585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
last-modified: Sat, 14 Oct 2023 03:02:28 GMT
server: nginx/1.19.6
etag: "652a04c4-cce4"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 52452

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:35 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: 678fea23-55b2-42e0-a1db-ac12f8c5f580
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

prebid Show response
rtb.openx.net/sync/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.openx.net%2Fsync%2Fprebid%3Fgdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26r%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync...
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D

43 B
58 B

28ms
27ms

Fetch
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Protocol: H3
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

Location: https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
Date: Sat, 14 Oct 2023 03:02:34 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 60D2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0

43 B
320 B

17ms
17ms

Fetch
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:02:35 GMT
Server: Adtelligent
Etag: d6e2268011850c1d
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 03:02:35 GMT
an-x-request-uuid: f790cb1c-a119-4813-867d-a80025b677cc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
x-proxy-origin: 178.162.209.136; 178.162.209.136; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ICTV_video_low_52361.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 460 KB
460 KB 90ms
87ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_video_low_52361.ts?x=IxXRctcNDwRHqoAcU8ctSQ
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: d435327d2b0de67e1043e104e53657c63d443fa14aa5bf11bf916cb04d6a9ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
last-modified: Sat, 14 Oct 2023 03:02:21 GMT
server: nginx/1.19.6
etag: "652a04bd-72e24"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 470564

GET
H2 200 ICTV_video_low_52362.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 462 KB
462 KB 90ms
90ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_video_low_52362.ts?x=iZ_8P-brzj6kvQLOdP94Iw
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: a5487f3313aa5596105b724cb1c3780e0f8d366dd267b9ce151be67730b95aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
last-modified: Sat, 14 Oct 2023 03:02:24 GMT
server: nginx/1.19.6
etag: "652a04c0-73638"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 472632

GET
H2 200 ICTV_video_low_52363.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 480 KB
480 KB 84ms
84ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_video_low_52363.ts?x=QQCJoquPQyXxhYkzlMtEXg
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: b1ce8b770417c09e1bc6bbb3c943237ad76dd445614f66d47f7e1a4a2cc34785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:35 GMT
last-modified: Sat, 14 Oct 2023 03:02:29 GMT
server: nginx/1.19.6
etag: "652a04c5-77e30"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 491056

GET
H/1.1 200
OK ICTV_video_low_.m3u8 Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 569 B
781 B 44ms
44ms XHR
application/vnd.apple.mpegurl 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/ICTV_video_low_.m3u8?key=Lc1kXIfkFzSrv0gBwLs1
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: c30a4fd1c29f97a7bf74bbe9b69baac489722ce3f06968f7537ee0d56227bdee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Oct 2023 03:02:37 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Content-Length: 569
Content-Type: application/vnd.apple.mpegurl

GET
H/1.1 200
OK ICTV_audio_ukr_low_.m3u8 Show response
live-ictv-02.mw-01.cosmonova-broadcast.tv/ Frame 8AD3 585 B
797 B 44ms
40ms XHR
application/vnd.apple.mpegurl 95.67.21.157
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/ICTV_audio_ukr_low_.m3u8?key=Lc1kXIfkFzSrv0gBwLs1
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.67.21.157 Kyiv, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: news-one-hls4.cosmonova.net.ua
Software: fasthttp /
Resource Hash: 23b81f55e6fd4215f7c8fd7c0a7a2f5ef6aff57637efb0463352c4a31298d63d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/player?autoplay=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Oct 2023 03:02:37 GMT
Access-Control-Allow-Credentials: true
Server: fasthttp
Content-Length: 585
Content-Type: application/vnd.apple.mpegurl

GET
H2 200 ICTV_video_low_52364.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 460 KB
460 KB 170ms
170ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_video_low_52364.ts?x=rh6xzpWH2nLscM6WwL7AcA
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: bf7c29ba6b114fccc56922ddf59a221d92542b388cf4a2b26ba34b2831901ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:37 GMT
last-modified: Sat, 14 Oct 2023 03:02:32 GMT
server: nginx/1.19.6
etag: "652a04c8-72e24"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 470564

GET
H2 200 ICTV_audio_ukr_low_52364.ts Show response
live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ Frame 8AD3 52 KB
52 KB 469ms
468ms XHR
video/mp2t 95.67.116.179
COSMONOVA-AS Cosm...

General

Check archive.org

Show headers Download Go to

Full URL: https://live-ictv.cdn-03.cosmonova.net.ua/hls/main/ICTV/ICTV_audio_ukr_low_52364.ts?x=3R1WHejDkTObM3hNktH32w
Requested by: Host: live-ictv-02.mw-01.cosmonova-broadcast.tv
URL: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/static/js/video.min.js?v=3.9.7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.67.116.179 Irpin, Ukraine, ASN34867 (COSMONOVA-AS Cosmonova LLC, UA),
Reverse DNS: shpromoushn2.cosmonova.net.ua
Software: nginx/1.19.6 /
Resource Hash: fd76979513895f43c55c613bb702d9674ff27e3f765ac9ada8661736dd9905a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-ictv-02.mw-01.cosmonova-broadcast.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 03:02:37 GMT
last-modified: Sat, 14 Oct 2023 03:02:32 GMT
server: nginx/1.19.6
etag: "652a04c8-cf18"
content-type: video/mp2t
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 53016

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fakty.com.ua
URL: https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-Regular.woff2

Domain: fakty.com.ua
URL: https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-SemiBold.woff2

Domain: fakty.com.ua
URL: https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-Bold.woff2

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get.aidrestore.com/w1	1970-01-20 15:28:12	Name: PHPREFS Value: full
.aidrestore.com/	1970-01-20 17:37:08	Name: _gcl_au Value: 1.1.1754772136.1697252547
.piano.io/	1970-01-20 15:27:34	Name: __cf_bm Value: 96_VCKgXISYX8US1T8S9ZPDxCm9YMFN7GbKOfF9bXbM-1697252547-0-ATQhBjqK8MCWf3N4WDbywYN0NvEyRjIYnOaXGWVHh6VUNaWLgGVcp+YtXaOE/CYd3vi3AoBD+pai1I3SNEWE9yM=
.aidrestore.com/	1970-01-21 00:56:20	Name: __gfp_64b Value: A9WMkTe34gQzDpb9E.CWCcySafd8yjC5.FOAYhTEnqz.N7\|1697252547
.hit.gemius.pl/	1970-01-20 15:37:37	Name: Gtest Value: KlSggMaGQMQGHdc8-7L18MRUssGMXP8c25nSG9jAgiD8XBG.
.aidrestore.com/	1970-01-21 01:03:32	Name: _ga_57RZ078QNH Value: GS1.1.1697252547.1.0.1697252548.59.0.0
get.aidrestore.com/	1970-01-20 16:10:44	Name: _pbjs_userid_consent_data Value: 3524755945110770
.aidrestore.com/	1970-01-21 00:13:08	Name: _pubcid Value: c2aeff74-3809-4eb4-800f-5c58769e3dba
.hit.gemius.pl/	1970-01-21 00:56:20	Name: Gdyn Value: KlG30MaGQMQGHdc8-7L18MRUssGMM14iL6nxmGB1tR9tl5aUGsRPtP7iGKGGqryigGlGEoG2GxGxDSy8kABUGGMS
.doubleclick.net/	1970-01-21 00:49:08	Name: IDE Value: AHWqTUlhpC7SroDlykhqA9LDVX4KAgVe0xMNDFNlsqiYSUPwI0TcYsAx9_19vCM6fko
.tiktok.com/	1970-01-21 00:05:56	Name: ttwid Value: 1%7C3To2J2AxTuLN0pbbBOTMpGIbNEn2Z3UFFo7nGC7Vv14%7C1697252548%7Ca0f6094dd4eadeb5172b79d1bff37e607a8c9a396b10a65eaba087f425e0ec11
.aidrestore.com/	1970-01-20 15:27:36	Name: AMP_TOKEN Value: %24NOT_FOUND
.get.aidrestore.com/	1970-01-21 01:03:32	Name: _ga Value: GA1.3.1932489114.1697252548
.get.aidrestore.com/	1970-01-20 15:28:58	Name: _gid Value: GA1.3.1528576055.1697252548
.get.aidrestore.com/	1970-01-20 15:27:32	Name: _dc_gtm_UA-126238864-1 Value: 1
.aidrestore.com/	1970-01-21 01:03:32	Name: _ga Value: GA1.2.1932489114.1697252548
.aidrestore.com/	1970-01-20 15:28:58	Name: _gid Value: GA1.2.1528576055.1697252548
.aidrestore.com/	1970-01-20 15:27:32	Name: _gat_UA-126238864-2 Value: 1
.aidrestore.com/	1970-01-20 15:27:32	Name: _gat_UA-126238864-1 Value: 1
.aidrestore.com/	1970-01-21 00:49:08	Name: __gads Value: ID=acd6303b414344e3:T=1697252548:RT=1697252548:S=ALNI_MZR2hXy5EHqdDRA17syxlMX_Wn6MA
.aidrestore.com/	1970-01-21 00:49:08	Name: __gpi Value: UID=00000c97b0ad1893:T=1697252548:RT=1697252548:S=ALNI_MYINFaMm0ER0RwJaUnI6Fqr78_Egg
a4p.adpartner.pro/	1970-01-20 16:53:56	Name: apuid Value: 12b7c219-3fca-48ad-a1e2-9610e239dd69
.adtelligent.com/	1970-01-20 16:56:49	Name: vmuid Value: 5c68ccd97b028698
.trafmag.com/	1970-01-21 01:03:32	Name: vid Value: 1310713663674769
.adtelligent.com/	1970-01-20 16:56:49	Name: a307558 Value: 12b7c219-3fca-48ad-a1e2-9610e239dd69
.aidrestore.com/	1970-01-21 01:03:32	Name: _ga_XWZZ6T1NQW Value: GS1.2.1697252549.1.0.1697252549.0.0.0
cookies.nextmillmedia.com/	1970-01-20 15:37:37	Name: NMUID Value: csuid_53c2c722-b608-4718-8e2d-06ea7e99fa4c
get.aidrestore.com/	1969-12-31 23:59:59	Name: IdealmediaStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1438379%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221697252550942%22%7D%7D
.byteoversea.com/	1970-01-20 15:41:56	Name: msToken Value: RNwIge6uiDsyqgr-ccRsC6G74g90JK90DoeP4C9CHvaBgrtzMFQzdIrsMWqHKW15KCAaS6IozHNTX153syagiDptS3K-fWMpAA438y-Al2k=
.bidr.io/	1970-01-21 00:56:06	Name: bito Value: AABR607KVAoAABi_MhXaZQ
.bidr.io/	1970-01-21 00:56:06	Name: bitoIsSecure Value: ok
live-ictv-02.mw-01.cosmonova-broadcast.tv/	1969-12-31 23:59:59	Name: sessionid Value: nZyHoOKollSuxUfbpoibaBcqrMgQWWNB
.tiktok.com/	1970-01-20 15:41:56	Name: msToken Value: k2OCLQZNliseI601mUdniwVYGv401_CSwfaGZgxSXV4j-eL7XsZeLeZAzq3dwjwPJxeB0cVyC_-SeXnrRFYEpfPZja0BrphS-eDfSv0Bee-PI7rSn-g0

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://get.aidrestore.com/w1/js/gpt.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://get.aidrestore.com/w1/js/gpt.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://get.aidrestore.com/w1/index.html Message: Access to font at 'https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-SemiBold.woff2' from origin 'https://get.aidrestore.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-SemiBold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://get.aidrestore.com/w1/index.html Message: Access to font at 'https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-Bold.woff2' from origin 'https://get.aidrestore.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://get.aidrestore.com/w1/index.html Message: Access to font at 'https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-Regular.woff2' from origin 'https://get.aidrestore.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fakty.com.ua/wp-content/themes/fkt/dist/fonts/Inter-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://get.aidrestore.com/publisher/fusion/lucid/data/29?email=&visitor=&stored_visitor=&pnespid= Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://bid.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.553/index.js(Line 3) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55a57e9b44b0c73b88dfae876d3445f5.safeframe.googlesyndication.com
6517501.fls.doubleclick.net
a4p.adpartner.pro
aax.amazon-adsystem.com
adservice.google.com
ampcid.google.com
ampcid.google.de
analytics.cosmonova.net
ap.lijit.com
api-esp-eu.piano.io
autocounter.idealmedia.io
aux-log.adtelligent.com
bid.adsinteractive.com
c.amazon-adsystem.com
c.idealmedia.io
cdn.fakty.com.ua
cdn.onthe.io
cdn.plyr.io
cdnstat.net
cl.imghosts.com
code.jquery.com
config.aps.amazon-adsystem.com
cookies.nextmillmedia.com
csi.gstatic.com
d.adtelligent.com
fakty.com.ua
files.bidmatic.io
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
get.aidrestore.com
ghb.adtelligent.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
jsc.idealmedia.io
lf16-tiktok-common.ibytedtos.com
lf16-tiktok-web.ttwstatic.com
live-ictv-02.mw-01.cosmonova-broadcast.tv
live-ictv.cdn-01.cosmonova.net.ua
live-ictv.cdn-03.cosmonova.net.ua
live-ictv.mw-01.cosmonova-broadcast.tv
ls.hit.gemius.pl
mcs-va-useast2a.tiktokv.com
mon-va.byteoversea.com
mon.tiktokv.com
mssdk-va.byteoversea.com
mssdk-va.tiktok.com
p16-sign-useast2a.tiktokcdn.com
p16-sign-va.tiktokcdn.com
pagead2.googlesyndication.com
player.adtcdn.com
player.adtelligent.com
player.bidmatic.io
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s-img.idealmedia.io
s.adtelligent.com
s0.2mdn.net
securepubads.g.doubleclick.net
segment.prod.bidr.io
servicer.idealmedia.io
sf16-secsdk.ttwstatic.com
sf16-short-va.bytedapm.com
sf16-website-login.neutral.ttwstatic.com
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
v16-web-newkey.tiktokcdn.com
v19-web-newkey.tiktokcdn.com
vmweb-va.byteoversea.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.tiktok.com
fakty.com.ua
108.138.1.25
108.138.9.235
116.203.212.0
142.250.186.130
146.59.30.96
146.75.118.113
157.245.23.44
172.217.18.6
184.24.77.28
184.24.77.6
185.83.71.234
185.89.211.12
188.114.97.3
193.200.65.5
2.16.1.35
2.16.100.171
2.16.238.148
2.16.238.9
2.16.62.75
2.17.22.24
2.21.20.206
2.21.20.216
2001:4860:4802:32::36
216.52.2.86
23.20.186.144
23.36.162.200
23.36.162.219
2606:4700:20::ac43:4468
2606:4700:21::681b:c358
2606:4700:4400::ac40:9281
2606:4700::6811:c276
2606:4700::6813:9722
2606:4700::6813:9822
2a00:1450:4001:803::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::2006
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c0a::9b
2a00:1450:4019:800::2003
2a02:4780:9:1024:0:1d4a:9c7f:4
2a04:4e42:200::649
2a06:98c1:3121::3
2a0c:5c87:5205::2
2a0c:5c87:5236:0:a236:9fff:fe1b:b5cc
2a0c:5c87:5239::2
35.227.252.103
45.133.44.3
45.133.44.4
51.83.220.94
52.31.110.112
54.37.238.28
67.220.182.50
88.221.110.123
88.221.110.74
95.67.116.178
95.67.116.179
95.67.21.154
95.67.21.157
95.67.6.36
99.86.4.128
01a8aa0fca750ca898766fddf3439d468cf0f1442f73fa6c9de1ae8460796816
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
04d10348c58f3bb013b99ca02fd501a614a50290547bc52f2187a4fb1e6cfd62
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08eb398951b430f85a1e6a49b7225dcc35857f428d1c052bc604fa4c51a637e7
0aa826bcffa98b1dde25c4c6a3ad104ddaf7fd0241c229e5b13a8149aa6e164c
0d1bbddcc8c3e9a620da765ca70c17199e87ed9e46be40d2e9aeda1f42c3796b
0efd224d2e47c15c4b9c563f2004fd97a96b635073158a8135cb55c017570700
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
1423256e88ae5abfc93d256b2b9af5155d8c7738a2a7387ced72f8947366be63
1487bfed1f532d8cff7ec61ac6bb53dc91e8745905444ba4fdb237eb19071cf0
18e951b83864d4449c50d525059d590050472172b9bc5da318117d5063c191d1
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1c7ffc01cef95bfad089258bb39a526664df2a843e805d74d373c3071aaa2ed0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963
1d9f90ee3dd7bc95a5d1ccca7cdfd6590e47f237cdf86f44198ccc8a3ffa056e
226097c62636778bbb3c6432474c9cc7aa391fb57d7daac19b72b01cdd2b6ecf
23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63
23b81f55e6fd4215f7c8fd7c0a7a2f5ef6aff57637efb0463352c4a31298d63d
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
247833fd800b77ae536ad12fca19bb3db247a0ac21592aaef6c68c39c106d299
25ed710c5c08b3eb5102ecbba0e12a27431aea1743cd5934ca1304293df57fcf
265cfd4e7cf6e19df72e987d49834238c8a08cf0b1a29943428f2a8c038d81fb
26785e70600dba464ae93812a1a1b53e29312999886d3f7dae11c9684bc2ae28
276f6d51adcb28b24b4b9cf939ed6e09b7599397a806a78b699280256b5f83c0
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
2bf1afac1d651978906520edd4162be71de95b96047e42a14f87151a1cfb92cb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eada3ce12521827f8b5f3ec2b1091f5d90d1839f3c1da4552e93775d416c9ba
3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9
33aa4f83800a699238869702a6a56ec611684fb3592e42f5165d3cdf1b877773
34260d62205054960d6ece5faf62f1f2dab3312fc1d80edd6fffa76d8949098e
342b70afd8bfc82906c029aa5c8017bd9f184d3799acdd845e8be57772825e01
358c537a7111049614be1a5320eff95ea8fc7a0a696be8ca8aba53715d1559e8
373d207f564c4107239edf636155370438a37dd81fa768e86c35f8474318d145
3b8d5b8fbc1d13a05f2a9e393e66a77fdb69f0418a6c0c7802541b8ce06a8a1a
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3ddb8380ccd9f6363f3405f93fcd4a9ea184e41ec0afd86b601eb09d512fc539
3e170063d878f769c0ab2fe073f6200f5100380e34e1cd98f67b42edf22a21e3
3f874f5d64bf52611e97f98c9f8e869354837cbb961dac846aa356d237c98055
40b67984996e8900f9ac7c38ec2954f50c7394411c3d785d9eb1ae4f419cc2dc
4152910b13961b0102aa8bcf50d5f02c7def843989cfd0f146d98cc6baa4cec7
41f4986a05b867fd17b4569e8ed575ccb37a5e225373dd081d6eb425a97209b0
437fb8f9e914698b2ec863a3c7159d9117c3f7b4ee4f08bf55e5db086b4b8628
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b1a9d0a7c7ef21acaf8dea42010bf0ec7fb6ee41b4908e096b9e5159c813de
47ca9ff5e5d3c4a3ca42d3cb20d29c6dfd5a6e04c10e1abff2c1ab33c1d2c31c
47cf724a03e0903a996c75f997b08f636934ddd28848dfdbae0ca55827338585
4818ea917355765ed93ec2cbf3c8d833117550d025e3c37cc4461f18c4b31d81
49223159698b68891323f82dd08cdfa99876675b3933ebf3b243df54a31a2552
49757859a79c25a49934f727085e702048990a46173a21a76cd0bcbdcecf72b1
4a4a437a83282a3c2c07876afb07ed026a8fa5f9ee3fae1547deaaf9c3110339
4a661eca2ceef3564880a93b74708422f6c8c35e1b3d2aa33ee3698df6939780
4d07ca5ea64fc30cf056556997721e30cd72321a323821404901646eb9c64008
4e03740b66e0021e553fd2c582c71cc1e2a53fa7999ef0cf3be8af6a3bcae35f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5125c532a41778eccf863693f51dc85812af45d0bcf028c8b077cb678a96e550
52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972
5427b201e73d5c81238ce14de4badd9d0a724e8f7cbe55f61e2b03d5d7cdf74d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5689e516ed10f452b02fa2e9064f81961c2eb78521d8353d02a6f1acb46dda2b
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98
5ac2037030385ad8cf10e486b44475d778eef2e2a377751fbf3c938fd3991b1c
5bc5737d832b26ccb0f1f4d51999f8bc42eaa2a7935d920f6186ee9c6e580a9f
5e49da4053e090df0cae812179c65e9b49915e8081655d92eacdaeadfd2b49be
5e4c349c87b338421cf6f805efb8cacda5b466b12d1678dae2dac913528b3572
5f5beabf59a0f4c1c28f05dd34047cd1f401f146b85eebbaa7ab8d971f075e64
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64264260a51de96cea8d2583d39bfe8455cde9c1f4257707a7b8905c00d716e8
6793fa2f8d1a76e1ff51f8a83ecf5aa7ebbdc5f422196c1cdcda31f496d4d41e
6820dc5a852a390b26eaa791f6f9f9b976fa0ba6c17412089b25946d7d9de99c
683333e3e22d42e0b0e9e769a8e2dae6904ea75670b8fedfcf18c50fbddbcd69
69113c0e84a726b187354203565f678b58b6163701efec6e6380ef02a52792b3
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb8d4d7ea931562e91509fc2ef781a07e3057d01db71802b5f8ddf39eba5502
6d4633126f96b944cb7d1beee10a7b2602ec2bc6e9e0fe8d350e6dd7acaad8fa
6d4bfe066ed177c4142585619c61a567a3452d2a690020ed7e0a968d8a973b1a
7088bb37c1b84631bc9be0e40fdf6672a55f05cf6672be6d972039c269d4ca60
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
735aeb40df368e4e7476c6a0fbc6bb19e1bc3b57ae2ce6deb58e68c6968fcb6d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68
752defaa2948795aae8f114822045300f32a91ae8e256e66719ad4a17c7dd0f7
75548f6f9def97a9d3418586ed74ff0d4893cd6c18ff8463a26a62ba85a3ca9a
7656678023208dea7de0ed07aceb3d4f5edf6171f002e97b792618863323a10b
787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf
7941202bc792f9125d713040a0c460c06fc48eda478112850490c19048978237
798d22c9c2387399b84903c46c89ee2962b89b7d3f615abd5e34c36eecdfdbfb
7d8998f6ba1d244231957cd560b2e8294d631f5b9442460b75d1d2251bcbe110
7fb5c5c1f21c6ce7d4674394eee8f6b382c65598d02eac7146963abf4da8608c
82140abb49d323ef675484f9ab07527f7ec42f1abba9710fdeed2cf036891956
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c7a4e13dbe7a711b0575c322c375f2717132312127ea688b30aff0831274c6
8492b4530a342b62ac26ceecd894cbee838d6f8140f2645b15aa75905bcdbb33
87a3e8409701453bb601a62c9e978e383425a1014eeb86cd5b10769491e90ba7
89330d11a8f55e01099ad6c42811784812a7633b989f5da7004929814f838269
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b62de03068904e1e690299925e027ad3cbdb24caefb76c40622d4d24dee8768
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8db29e39860f19cafcdb7dc925c19de075abee842e86962b6eadd1f0fc7a63c6
8dbbc199d667fe79425f746a9a4a3be0af7e42d75ce2082710948faf007b079c
9262e839f4c7c9b5e1cb0deba52da92e24a970538d9cc27a50d209c9dd626319
92976cb106e8f7ad8112d192a6159b08b31838bb76fb271ede2e87e80f654055
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f
948eaba16b885ca4a8cb13f0c402e5f5a4cddcf030e4f301d189ecae1fbe9c22
9505938b9a195a344f5ac26e5b162d75f4014b93f8aa1a8181180ee017191239
96496b75f7f73ce0b91a714e861fbadc655056c0d47d85c71d17c4a7e8c2e10d
97ba96015f89109ed49c2f6c3dccc4f0ddd168c8adb8de8d2f25f1898a212bc4
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9e37790c25ccfead1b161fdc61be45f9d8f5954ffb428d8ba66d434d86db15d8
a0406a8ea4f9ad15938e0dffcac791c69f3e645e4fad41a60ee21ec6b5d61094
a42d640dc340d4ed80df1fc5540048e91057b00bce17d2ba587f2d78ba9fb3c7
a5487f3313aa5596105b724cb1c3780e0f8d366dd267b9ce151be67730b95aaf
a7ddea37ae56f107f6edf488f071ea6f12b0965d8deb896ad3fd1de505662483
a86c3552c9a2a6744d4f086449a0edb001e9189dc70c2b37d849f6473ddbf725
a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac1c7a65b75de20df65470d4902f38023bc4a0e046929e0ba63c071aafcd11bf
ae5c0caafe32f95d54cf598339614f4612448e531a9210640196961273411a4c
aea91dbfe71cc8b28ffd85be6f56ae2ae5ea38738412be3aed367ca309ed1fcb
aeb326fe39cd7c553456564c31fa935d11b567785d9bbaa9ba60225e9319528b
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26
b1ce8b770417c09e1bc6bbb3c943237ad76dd445614f66d47f7e1a4a2cc34785
b214dc82c962420f9799acf1593704684728591457a7aa6e5c66d90e5ad99ff8
b396d8a5787ac71f0a45383d1973e561aa7ce4622e704ec11f59c3cd8be89bbf
b4065e452222f471b3c4af12dc6e58e7782cfbff0f639b1a4bf1d2ac23525f17
b4d1c0ff466f2f792783cfeed6069dbafd435f92237841e554b4dc673b00545c
b528d86a58ebfafb02b2243357d9d379d4377b06b38fa70ebfd37d699d61c928
ba77d701b3b7bf79c34f1b48230081f7e2bfac2981f66e897fb5d93f65a711b7
ba99b322bb33b25c14acad374a4f2ff955a7867e0cb9dd77bf610881fa7b8fb4
badcecc1ba070d3798e5baa16b846ff09359d82fa168c0ec66210d3d4265e35e
bba353679a3866d7ab5a3312dade07c3fded2e626423ed686a76b7496b0d0242
bcb7aa122ab0fdef3cd8219ffcf7dacb1127469f6f2a3b7dd39cff3650d3c449
bdb4df87183382ee675e7b7abeddcad14ca9823c25c3c7594d3804ad7f4ce475
bf7c29ba6b114fccc56922ddf59a221d92542b388cf4a2b26ba34b2831901ad0
c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b
c0b7da848f190d3140cc4c1731426b5e7fa1e731da6b275c80e8934d98c351fc
c2df89191160fa68f2787c549ac0c3a93a185d5e1347a14927bd280b7d6496ab
c30a4fd1c29f97a7bf74bbe9b69baac489722ce3f06968f7537ee0d56227bdee
c4c0dbd56ce4aa05934063e014daca865dd381ed92fc34902031752ac29b21c6
c5743a640f5838518f2e9642b50e20d0df49991d91de1a491ac946c73e52cca9
c591934172d5a7679c8d5bb51ea2f631f7e3839626f5e186bcf05034878b76c9
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
c6f39b8414c617d4b4cf01b8f7601075fa792741e64c536b899ed8343451abd3
c793bed96a1cbf28467d383a3c9c82ecaab7261887bf1f87fd67ae97cbc90502
c84c4aad06938ac68ac600fd49f8aabab04dd2d01c709ce5a60e1c6032dfa709
ca0820a63d0f72f2ecc25d055b7c11b38015d108deb19483da303b28b331ee9b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d29c7fb7752595a7345a95774182e54d31d1002ee13169be7af77f9b9c52314a
d435327d2b0de67e1043e104e53657c63d443fa14aa5bf11bf916cb04d6a9ab0
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d858782d53337cb280fd29487a8c25544984a1abc8619d4fc3535e4458101d1f
d9afabf4a36224312d137fd3a3e1b0131935b4ea0cac1efe0bd3fe1c73ac1c2f
dbdf0e4d620bf3b669c47bdf60885c03a80275cac576951a9cb863d6e37854db
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd91c48149a390760c11b12d3e05f0e1ca24129eab37a03cb9a27cd33b35f449
ddf9968abe307e0e2e966fe44ec381516ad99d9073203dec541e0e7b9904710d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e01eb749e755784605efbc23b891ff3ba9d645bb24b603697e315c16076e539c
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e2a55d8b61c7ca7f343862f3899b5ca2c24a7946ddf5d99c462e3b4fb60ce32c
e30b313fa4a5393e5a1d15ed3cf331349e32584227654320d0a58daa3a14d490
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8
e4b78af54754716d1fd791a952b01db1fa5f0004bdf25efcf7f85661fad58e53
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
ea23c355e90abfb08c2dc82dfe1ded590268401fa6615b8ea2d3f80d5cfe86e6
ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6
ed2211063010466708a4737203d986534b7cf827143c19941b7ccbd36d214a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7e81de40cfacd52d4f50a4b106812f54199b6863c0f38d23d30beaa13ece77
f274477a928cb073850e676de511dea27235c39219ccded0a5e9d341717bab0b
f4852c9989535b26a978711ee9cd8e88638600d206e25a00fd49355b14736ba6
f53f372f689059afb73db548dec6c019104427f7796e7c352b394a5c1666dc22
f5e7ba83ca1221101feed3ba5bd80960a68e576235091899ecbbd7918df577ae
fb3a6ec39f712794344a7947b9aee57bec50fc446a9cf85adfd835ae967094f7
fc2b61cf28583354672e9ceb5b4c4d8e182e8e9e2003df6fa8723a1dc459fbd3
fd76979513895f43c55c613bb702d9674ff27e3f765ac9ada8661736dd9905a8
fe195aa91d880ebd436a3fbf8740dfd8549940d3aa277124406f3e13b267b71e

get.aidrestore.com Open in urlscan Pro 2a02:4780:9:1024:0:1d4a:9c7f:4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

401 Requests

65 %HTTPS

42 %IPv6

42 Domains

79 Subdomains

69 IPs

10 Countries

8192 kBTransfer

20175 kBSize

33 Cookies

135 Outgoing links

Page URL History

Redirected requests

401 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.aidrestore.com Open in urlscan Pro
2a02:4780:9:1024:0:1d4a:9c7f:4 Public Scan

Screenshot
Live screenshot

Full Image

401
Requests

65 %
HTTPS

42 %
IPv6

42
Domains

79
Subdomains

69
IPs

10
Countries

8192 kB
Transfer

20175 kB
Size

33
Cookies

401 HTTP transactions
9 data transactions