urlscan.io logo urlscan.io
SecurityTrails logo

vsim.ua Open in urlscan Pro
2606:4700:3035::ac43:d201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vsim.ua/
Effective URL: https://vsim.ua/
Submission: On November 22 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 14 countries across 107 domains to perform 344 HTTP transactions. The main IP is 2606:4700:3035::ac43:d201, located in United States and belongs to CLOUDFLARENET, US. The main domain is vsim.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.
This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
64 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
11 45.133.44.4 7018 (ATT-INTER...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
1 45.133.44.3 39572 (ADVANCEDH...)
2 31.41.216.82 42655 (BESTHOSTI...)
4 2a03:2880:f11... 32934 (FACEBOOK)
5 2a0c:5c81:514... 55081 (24SHELLS)
1 35.214.184.209 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 2 185.172.90.252 49981 (WORLDSTREAM)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 51.75.86.98 16276 (OVH)
1 2a02:2638::24 44788 (ASN-CRITE...)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
11 52.30.129.185 16509 (AMAZON-02)
1 172.64.154.237 13335 (CLOUDFLAR...)
3 35.157.246.167 16509 (AMAZON-02)
1 4 216.52.2.39 32475 (SINGLEHOP...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 76.223.111.18 16509 (AMAZON-02)
1 1 51.83.220.94 16276 (OVH)
1 62.149.1.122 15497 (COLOCALL ...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
9 14 172.217.18.98 15169 (GOOGLE)
3 11 185.80.39.216 27381 (CASALE-MEDIA)
5 7 37.252.171.85 29990 (ASN-APPNEX)
2 142.250.186.66 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
3 178.250.0.157 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
4 162.19.138.120 16276 (OVH)
4 23.35.236.201 16625 (AKAMAI-AS)
1 13.32.99.30 16509 (AMAZON-02)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.64.151.162 13335 (CLOUDFLAR...)
1 88.221.168.23 16625 (AKAMAI-AS)
6 23.203.77.3 16625 (AKAMAI-AS)
1 162.19.138.118 16276 (OVH)
1 4 104.18.33.19 13335 (CLOUDFLAR...)
2 3 35.227.248.159 15169 (GOOGLE)
3 5 37.157.4.28 198622 (ADFORM)
9 52.223.40.198 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 3 185.64.189.115 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 4 176.34.205.255 16509 (AMAZON-02)
2 3 34.254.143.3 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
2 3 185.86.137.132 201081 (SMARTADSE...)
2 54.195.100.225 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
7 7 18.156.0.31 16509 (AMAZON-02)
1 1 35.157.204.17 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
2 54.246.4.228 ()
1 168.119.79.223 24940 (HETZNER-AS)
6 7 151.101.194.49 54113 (FASTLY)
1 1 13.32.99.109 16509 (AMAZON-02)
1 1 34.199.232.33 14618 (AMAZON-AES)
4 7 52.95.126.138 16509 (AMAZON-02)
1 2 88.221.168.166 16625 (AKAMAI-AS)
1 1 3.248.82.49 16509 (AMAZON-02)
7 10 69.173.144.139 26667 (RUBICONPR...)
7 7 18.192.2.142 16509 (AMAZON-02)
1 34.252.123.138 16509 (AMAZON-02)
1 2 185.86.139.104 201081 (SMARTADSE...)
2 2 96.16.141.156 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
6 6 213.19.147.45 26120 (RHYTHMONE)
3 3 193.0.160.128 54312 (ROCKETFUEL)
1 69.166.1.12 27630 (AS-XFERNET)
1 1 147.75.85.234 54825 (PACKET)
1 1 54.204.140.125 14618 (AMAZON-AES)
4 7 52.46.143.56 16509 (AMAZON-02)
1 5 2a05:d018:d29... 16509 (AMAZON-02)
1 185.183.112.155 60350 (VP)
2 2 35.157.189.90 16509 (AMAZON-02)
1 104.18.36.94 13335 (CLOUDFLAR...)
3 3 37.252.171.149 29990 (ASN-APPNEX)
4 4 103.229.205.242 ()
4 6 54.72.173.47 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
10 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.165 1299 (TWELVE99 ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
2 2 178.250.0.163 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 52.86.222.203 14618 (AMAZON-AES)
1 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 5.161.47.120 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.140 16276 (OVH)
2 2 141.94.171.213 16276 (OVH)
1 63.251.232.165 32475 (SINGLEHOP...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 141.94.170.64 16276 (OVH)
1 34.91.62.186 396982 (GOOGLE-CL...)
2 2 52.17.151.21 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.150 13768 (COGECO-PEER1)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 159.65.196.12 ()
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 16 34.247.233.198 16509 (AMAZON-02)
2 2 35.156.17.110 16509 (AMAZON-02)
2 2 64.202.112.127 22075 (AS-OUTBRAIN)
1 1 198.148.27.140 19189 (PULSEPOINT)
3 4 70.42.32.63 22075 (AS-OUTBRAIN)
2 2 35.244.159.8 15169 (GOOGLE)
1 1 54.175.24.238 14618 (AMAZON-AES)
1 132.226.63.138 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
2 2 99.81.20.134 16509 (AMAZON-02)
1 1 20.127.253.7 ()
2 2 18.158.8.202 16509 (AMAZON-02)
1 1 202.241.208.55 ()
1 185.255.84.152 200271 (IGUANE-)
1 8.43.72.97 ()
344 105
1    2606:4700:3035::6815:3aed (United States)

ASN13335 (CLOUDFLARENET, US)
vsim.ua
64    2606:4700:3035::ac43:d201 (United States)

ASN13335 (CLOUDFLARENET, US)
vsim.ua
3    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
3    2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
11    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
cdn.gravitec.net
player.adtelligent.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
6    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
id.gravitec.net
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.gravitec.media
2    31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua
tracker_beam.20minut.ua
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com
api.gravitec.media
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
11    52.30.129.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
3    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
4    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
1    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
adservice.google.com
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
10    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
11    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
7    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net
public.servenobid.com
16    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
6    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
9    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f01:4121:4821:f664:be (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:eb7b:3a65:f7da:a48f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    176.34.205.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-205-255.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
loada.exelator.com
2    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
3    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
2    54.195.100.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-100-225.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.157.204.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-204-17.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.246.4.228 (None, )

ASN- ()
beacon.krxd.net
1    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
7    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.32.99.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-109.fra60.r.cloudfront.net
engine.widespace.com
1    34.199.232.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-232-33.compute-1.amazonaws.com
usermatch.krxd.net
7    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    88.221.168.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    3.248.82.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-82-49.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
7    18.192.2.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-2-142.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.252.123.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-123-138.eu-west-1.compute.amazonaws.com
g2.gumgum.com
2    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    2600:9000:223f:a00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
6    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
3    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.204.140.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-140-125.compute-1.amazonaws.com
ssp.disqus.com
7    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    2a05:d018:d29:3601:aea4:a386:c0ef:3243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    35.157.189.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-189-90.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    104.18.36.94 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
3    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    103.229.205.242 (None, )

ASN- ()
sync.mathtag.com
6    54.72.173.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-173-47.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
10    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.86.222.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-222-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.140 (France)

ASN16276 (OVH, FR)
PTR: bixel-6.cloudy.ovh
green.erne.co
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel-eu.onaudience.com
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
ads.avct.cloud
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
16    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.156.17.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-17-110.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
2    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    54.175.24.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-24-238.compute-1.amazonaws.com
sync.ipredictive.com
1    132.226.63.138 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    99.81.20.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-20-134.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
2    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    202.241.208.55 (None, )

ASN- ()
tg.socdm.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
65 vsim.ua
vsim.ua
1 MB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
226 KB
25 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 671
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 822
44 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
516 KB
21 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel-us-east.rubiconproject.com
37 KB
17 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1324
usersync.gumgum.com — Cisco Umbrella Rank: 1898
6 KB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2717
mwzeom.zeotap.com — Cisco Umbrella Rank: 2386
4 KB
16 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1118
cms.analytics.yahoo.com — Cisco Umbrella Rank: 835
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
6 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
13 KB
14 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
11 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
8 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
secure.adnxs.com — Cisco Umbrella Rank: 426
8 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com — Cisco Umbrella Rank: 390
mug.criteo.com — Cisco Umbrella Rank: 2725
dis.criteo.com — Cisco Umbrella Rank: 631
10 KB
10 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6186
ghb.adtelligent.com — Cisco Umbrella Rank: 6055
sync.adtelligent.com — Cisco Umbrella Rank: 4017
192 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
2 KB
8 gravitec.net
cdn.gravitec.net — Cisco Umbrella Rank: 24308
id.gravitec.net — Cisco Umbrella Rank: 143378
58 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
3 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
2 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
752 KB
7 google.com
accounts.google.com — Cisco Umbrella Rank: 80
ampcid.google.com — Cisco Umbrella Rank: 2085
region1.analytics.google.com — Cisco Umbrella Rank: 4753
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
79 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 465
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
3 KB
5 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1338
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
2 KB
5 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4100
c1.adform.net — Cisco Umbrella Rank: 582
2 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 774
1 KB
4 mathtag.com
sync.mathtag.com
3 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
4 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 479
3 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
ce.lijit.com — Cisco Umbrella Rank: 862
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
15 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
198 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13081
pixel.onaudience.com — Cisco Umbrella Rank: 3206
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 695
2 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1283
942 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7303
loada.exelator.com — Cisco Umbrella Rank: 25718
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
932 B
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6054
creativecdn.com — Cisco Umbrella Rank: 612
870 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
354 B
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 790
28 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 942
530 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
623 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 407
430 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 531
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2194
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2779
894 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4495
562 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
stags.bluekai.com
912 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 744
sync.crwdcntrl.net — Cisco Umbrella Rank: 714
531 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24650
682 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1315
752 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
57 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
95 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 715
144 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
8 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7264
1 KB
2 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3108
adservice.google.co.uk — Cisco Umbrella Rank: 5214
1 KB
2 20minut.ua
tracker_beam.20minut.ua
135 B
2 gravitec.media
cdn.gravitec.media — Cisco Umbrella Rank: 43529
api.gravitec.media — Cisco Umbrella Rank: 33842
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
125 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 901
1 socdm.com
tg.socdm.com
698 B
1 inmobi.com
sync.inmobi.com
619 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 801
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1152
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 830
465 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 510
388 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
705 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3659
465 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 559
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3009
104 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
612 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1298
283 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16063
367 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5822
280 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6159
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 840
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
589 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9541
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1358
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1589
286 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
191 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 857
498 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 495495
483 B
1 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 44056
215 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 64662
483 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1870
359 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
356 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
529 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10937
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 636
161 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1158
394 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8982
259 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 339
140 B
1 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2169
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 976
43 KB
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 leokross.com Failed
leokross.com Failed
344 107
Domain Requested by
65 vsim.ua 1 redirects vsim.ua
16 usersync.gumgum.com 1 redirects g2.gumgum.com
15 mwzeom.zeotap.com spl.zeotap.com
14 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
spl.zeotap.com
g2.gumgum.com
11 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 ads.servenobid.com player.adtelligent.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
10 simage2.pubmatic.com ads.pubmatic.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
9 match.adsrvr.org spl.zeotap.com
public.servenobid.com
ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
ssbsync.smartadserver.com
7 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
7 x.bidswitch.net 7 redirects
7 aax-eu.amazon-adsystem.com 4 redirects spl.zeotap.com
ads.pubmatic.com
7 sync-tm.everesttech.net 6 redirects ads.pubmatic.com
7 ups.analytics.yahoo.com 7 redirects
7 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
spl.zeotap.com
7 s0.2mdn.net vsim.ua
s0.2mdn.net
7 cdn.gravitec.net vsim.ua
cdn.gravitec.net
6 match.prod.bidr.io 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 sync.1rx.io 6 redirects
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 eus.rubiconproject.com player.adtelligent.com
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
6 securepubads.g.doubleclick.net vsim.ua
securepubads.g.doubleclick.net
www.googletagservices.com
5 image2.pubmatic.com ads.pubmatic.com
5 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
5 ghb.adtelligent.com player.adtelligent.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 dpm.demdex.net 3 redirects ssum-sec.casalemedia.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
4 ads.pubmatic.com player.adtelligent.com
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 id5-sync.com player.adtelligent.com
g2.gumgum.com
ssbsync.smartadserver.com
4 gum.criteo.com 2 redirects static.criteo.net
4 www.facebook.com connect.facebook.net
4 player.adtelligent.com vsim.ua
player.adtelligent.com
4 connect.facebook.net vsim.ua
connect.facebook.net
3 secure.adnxs.com 3 redirects
3 p.rfihub.com 3 redirects
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 mug.criteo.com
3 ap.lijit.com player.adtelligent.com
public.servenobid.com
3 c2shb.ssp.yahoo.com player.adtelligent.com
3 onetag-sys.com player.adtelligent.com
public.servenobid.com
3 accounts.google.com vsim.ua
accounts.google.com
3 unpkg.com 2 redirects
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 ad.360yield.com 2 redirects
2 us-u.openx.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 ads.avct.cloud 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 dis.criteo.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pm.w55c.net 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 googleads4.g.doubleclick.net vsim.ua
2 googleads.g.doubleclick.net 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
vsim.ua
2 www.googletagservices.com securepubads.g.doubleclick.net
3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
2 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.xx.fbcdn.net www.facebook.com
2 pbjs.e-planning.net 1 redirects
2 fastlane.rubiconproject.com player.adtelligent.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 tracker_beam.20minut.ua vsim.ua
2 www.googletagmanager.com vsim.ua
www.googletagmanager.com
2 www.google-analytics.com vsim.ua
www.google-analytics.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 rtb-csync.smartadserver.com ssbsync.smartadserver.com
1 visitor.omnitagjs.com ssbsync.smartadserver.com
1 tg.socdm.com 1 redirects
1 sync.inmobi.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 px.ads.linkedin.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com ssum-sec.casalemedia.com
1 ssp.disqus.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 ce.lijit.com 1 redirects
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net spl.zeotap.com
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 lb.eu-1-id5-sync.com player.adtelligent.com
1 contextual.media.net player.adtelligent.com
1 js-sec.indexww.com player.adtelligent.com
1 spl.zeotap.com player.adtelligent.com
1 public.servenobid.com player.adtelligent.com
1 www.google.com tpc.googlesyndication.com
1 fonts.googleapis.com s0.2mdn.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 sync.adtelligent.com
1 a4p.adpartner.pro 1 redirects
1 eb2.3lift.com player.adtelligent.com
1 prebid.media.net player.adtelligent.com
1 htlb.casalemedia.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 hbopenbid.pubmatic.com player.adtelligent.com
1 script.4dex.io player.adtelligent.com
1 www.google.co.uk
1 region1.analytics.google.com www.googletagmanager.com
1 api.gravitec.media cdn.gravitec.media
1 cdn.gravitec.media cdn.gravitec.net
1 ampcid.google.com www.google-analytics.com
1 id.gravitec.net cdn.gravitec.net
1 www.googleoptimize.com vsim.ua
0 cs.admanmedia.com Failed player.adtelligent.com
g2.gumgum.com
0 leokross.com Failed vsim.ua
344 158
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-31 -
2022-11-29		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2022-03-22 -
2023-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.gravitec.media
R3		 2022-09-22 -
2022-12-21		 3 months crt.sh
*.20minut.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-10-18 -
2022-10-18		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
api.gravitec.media
R3		 2022-10-14 -
2023-01-12		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
sync.adotmob.com
R3		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh

This page contains 64 frames:

Primary Page: https://vsim.ua/
Frame ID: 37A8C6BF657C43EAB54E24F3D8E0D295
Requests: 121 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: F1874BE0260A7FEB524EB7A847313218
Requests: 4 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Frame ID: 8903B2F1D527911E07BFBCB1C68F2634
Requests: 6 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Frame ID: D195A61C7A79D917B14D318BA3BCC4BC
Requests: 6 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 29559557010F6FABED29F307EBF57B42
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe356901380b14%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff1c04a0c5f5f5dc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Frame ID: CA4D897DB1DE793E1CE31929FABCD3DB
Requests: 3 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: E5A6779D3506504351363F6EDC81C4A3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: 16211B45C81CF46A5809E2CED4D8F92F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5FEB30D95473285DE84EEB077A5DB559
Requests: 1 HTTP requests in this frame

Frame: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6324A7832597D35619BB3FE47C3E4735
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUbG0qKKaTzNojn1XelLCmtowbhKXUNJSQSQfyGucLlUE420ADS4t1mEe49AccdsiejKTmu_XBX2PQQF8I1NuCWv08Ak6ICMBna7NSAjFODjcYMRmsVWtFcFy1qrte96kKALt1_0OAQ7bxcXPhutUqwKDvoMfwiAg6WTEmBV3mzXiHkaexMfAd1MNvQOzYVf9XQvHWR9DQR6t_w3yV7HJ_9izm5xs-Dnh8casWodYCKOtkzye8TsAyfu6wbxsLu4tlJiUdy-2vaK702gUUdkCH_Pd89JIzeZxGjMCQtT7rvDZwbZehkhWOgOQ47wFdV-IIFYk&sai=AMfl-YS0uLrWgltvykIj-grG8mR9qdTGOvaERCow-DJ9TYFsI0la1mUhiiErH0pVRz2leAZL2Lqcy9S4GtACHnIpWehBEvQPTdagbiByApBFiORIASdImx5c3jT5BiVS7NsqY4ky1EBQXkXxw7wnLbnjU8o&sig=Cg0ArKJSzOAwdb4kyRNFEAE&uach_m=[UACH]&adurl=
Frame ID: 073C9BB070D95261929C0AE5C4C9DADB
Requests: 7 HTTP requests in this frame

Frame: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D2BC6D0521C131A078E397253D071951
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNW_VeYAQG9KxJ7oqx1Tb-OiE8M419eb1-CVENlTaNN5mt7s_b6-oIothGAuYQa1NHy3jvIZjBI53i9HMsJdBahzVGqcwa3FznHExdv7ZMfdO2AvKt9BnS0DgXfK1n2HJG7N4ZRcRRan_8DG1AtKA_UJX9_fRS42t-gubQ-xIgKa92y3x0c
Frame ID: 9A858B64E9AB16430C45CFD5A65283DB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AF62042DA37AC5777CA07160A21B04E6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Frame ID: 5351ACF40F632CBB24B8C116859B7E32
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vsim.ua
Frame ID: 304A3863C49935633D7DFDAD370E1985
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4180FD59E48051AD7D0D2AA6113DCF3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1D697B69EC471B3AA767BFB7DF7083F
Requests: 2 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: 4E74EDE25C60B0798F7903C306A6B1E8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: D4E10FF1246BCF78558BA750D59B5524
Requests: 18 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669098376125&gdpr=0
Frame ID: 48BFA093A57AC91737A5BF409598F90C
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 203CAC948F316FCB72B6518B2777266F
Requests: 11 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 9F2804232DD02634CF98E192ACE6DCA0
Requests: 31 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C2F5C4A0C51D92F544A85D13DEC39889
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7FB2B84E22EA6DF96E11815443ABB60E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: FFC68E1D2322070858574360EE9EB867
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A622564530BAD358C3A70B649FAEEDE4
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9228A790F4F6917DC77155F065349A39
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 85BBC8F4D15DBC877A40752B8A077991
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 4EA0321ECA4D594C1597D3430A93055C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: EF86A22AAE985707823EC6C089A65D5A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: EAFC56E7AF6EC975FCA0C059D4621EFF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 55210E91D457CEAEC1BE479F520EC881
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: F765371E781FC0FC06F34ECAC29B5BBC
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
Frame ID: 27B165E4B186B45AE725851E84F0E3E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:610b637c-6b8c-4100-9798-9f27156ec81c&gdpr=0&gdpr_consent=
Frame ID: 31373FCB41AA76736EDC24058791CC02
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4282803907331353629
Frame ID: 2EF63676B0F561A812B8DBB99C91BEC8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1686BBAB56FED336D54F91B013F20E9C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: AE3CBAF677914B3DA4E3CF7E6E4FE82D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2956589636793389865&gdpr=0&gdpr_consent=
Frame ID: 7DC2BDF429F4E9C3061046388158CF59
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ
Frame ID: CC83CB430C4435A5CF86B0642987DB78
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7168722951631337611&gdpr=0&gdpr_consent=
Frame ID: 1872B5E699DFC3FC2ADAFB5135123502
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 34960D8E3B6513A512DA6C5AAF589F53
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=efHenMQeRiJLOGH2afUxedmKxGM
Frame ID: 061DD6940C330DE9F4764D6A846B547D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3xriwAAALHDgQAW
Frame ID: 6DE97651250FDC737209EC3D016DDCAD
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 4E7DE8EA0686F55D4D3A6B677C5832C8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: DD1CB964823BE02C0C1C28512EA04AC4
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 33DF48175ADA27512B70E3FC43CB401F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 030FBBD17700BA7406CF5F76FEC0C105
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7356187750
Frame ID: C6DC214FC18BE0091B3AA88F5CA52B5D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjYjhXnbYbVShQhYQ
Frame ID: 92753112063984B66D1B806FEE3FAB96
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0AD71B7665C6899F6FC6D603FCBE07DF
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: F067AB429EAE9BF7F833AA70BEE2A2A6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7B6DBCD9F52B655F1DC3DACE8BAC08E2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: F0C93171E92B7E3724048B4957D2B91C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=7dd9637c-6b8c-4100-8b89-a786fa776570&gdpr=0&gdpr_consent=
Frame ID: D164B2E4258D1497FA67291BDCD57E39
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y3xriwAJ5lscNwAT&gdpr=0&gdpr_consent=&_test=Y3xriwAJ5lscNwAT
Frame ID: 39AA3131CCB10A6AF5289C99C0B9F382
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMmVjODU1ZS0yNzAwLTRhYjUtOTIxOC1iYjExMzU3Zjg0ZmE=&gdpr=0&gdpr_consent=
Frame ID: C87E891AA2EF93BFD437FA2EDDA40418
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=2956589636793389865brt51591669098379980988f1
Frame ID: FB4863D003DCB3713CF7EF5AB0F3AF81
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y3xrjMCo5s8AADmUF4sAAAAA
Frame ID: F21A3FD377F40A1376A6B82497EDAED1
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 6A6967E2A55105C95FA1F6CC89FE2BDF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y3xriXKz9flSJU7JTR71JgAA%263347
Frame ID: 9B7F21DC8CC05CC617813F00B11E97EF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=dzAvl8ok9QbcoKoF7EKp&pi=gumgum&tc=1
Frame ID: 962E0697304D8FBCA783410015CA42B0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 37981866AA4E3AEF544400697AAFED21
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

  1. http://vsim.ua/ HTTP 301
    https://vsim.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

344
Requests

77 %
HTTPS

30 %
IPv6

107
Domains

158
Subdomains

105
IPs

14
Countries

4026 kB
Transfer

9622 kB
Size

147
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vsim.ua/ HTTP 301
    https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://unpkg.com/imask HTTP 302
  • https://unpkg.com/imask@6.4.3 HTTP 302
  • https://unpkg.com/imask@6.4.3/dist/imask.js
Request Chain 105
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.7077329279990474&e=300x250_0%3A300x250%2C300x400%2B1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.2&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=e4cbb508-838b-4d89-b211-5ca63600410d HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.7077329279990474&e=300x250_0%3A300x250%2C300x400%2B1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.2&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=e4cbb508-838b-4d89-b211-5ca63600410d
Request Chain 122
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=46572021-51e9-4f95-8b06-bc9d5e4d73bf
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1&C=1
Request Chain 155
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3xriXKz9flSJU7JTR71JQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELOIxHSVcUWl2ArLFKEoSnc&google_cver=1
Request Chain 157
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk1NjU4OTYzNjc5MzM4OTg2NQ%3D%3D
Request Chain 173
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=vsim.ua&sn=ChromeSyncframe&so=0&topUrl=vsim.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=y_TMB3xPWjRsbHkrc0tTWWdIb2ZaU1B3b2wvdFowMnpPcWNSNVRpWW9TZzZwQWNYVmRiNHA4ME5RQ3BpTkZLYVpkUlhkMVB5M2VrY3dSa3llc3JMRVNlT3FCYklWNUlGcHBqcUtVU2RKYUl3SnhOY3Q5V0I3T1dwcURqSkNWc3ZzeG5Ca0VNVlZudFFVWTgrbi84UkdpSFdiWS9rMTdmUzlqU3h0OTlYUlh4aEQvQmdwTmhkMFRhY1Vnam5HZDdOa2tBSDNZSjRZZFY4Sm1ZRDZ0TWhGOS9xcDQzeVVweXVmT1ROWHhJRkVSc3k3NTY1L0NhUzRlMnNiTzFBVFp0TVh3bU53Y0xqRjJRZDdVYlo2YUUraXUwRU0xdz09fA&cppv=2
Request Chain 186
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=WOjZkHxodDM5VmtPWnhqN2FlUmt5NTZmcDFaZmVmNEc0cnZZNUJiRjNPcHE0NVJWNDBuc0xmWHhsS3dMbVByMXphRi93Sm95UE5aTWpVR3V5Q1hMR2cyK05jME9LYm5Mb0c3WkRJRngyNFh5ZjlrS2k4M1MyaDNqa2dHK1ltUlYzU2hydWk5K0lRWTVKME0wVWJjWXRsS1JORlRLRFZ1U3NIQStrdzcwVWpTZDMrcExhQ1hGbFVnaDhtODdHcXUzYlhGN1Mwa29laEI3S3RuazlJR0Y4T2JCdTlzS2tNOVFhN1loWlFORS9JMCtGNXpBWWtwWGFzOUtxZ2VJU2pWK3A1OVdDcHJFbGk2RGRKWXFVVzRRcVo2dlJWZz09fA&cppv=2
Request Chain 202
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f20149ad-1a48-4ab1-9dbe-f1a52680f612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 207
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361&rdf=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 208
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d390ceff-c1c9-418e-954e-3499d68cf197&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 209
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7f05710b-71ee-444c-48e3-281599c01723&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7f05710b-71ee-444c-48e3-281599c01723&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=27109401904770783323610277520197772849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 211
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7168722951630747787&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 213
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7f05710b-71ee-444c-48e3-281599c01723&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7f05710b-71ee-444c-48e3-281599c01723&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361&bounce=1&random=3730233429 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=ZUHdjeJjSaiOAYDoukjtC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 214
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 216
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-ne9Exh5E2orvpKzEa8YfZ4IMjldV8cdrBg--~A&zpartnerid=570&env=mWeb
Request Chain 217
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=icWJ9R5CXzD3o%2BzrkmOzB9zsUgIoecwY%2BS41iYitP1U%3D
Request Chain 221
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3xriwAJ5lscNwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 222
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.b7319be3-5a7f-49e0-9dc1-4e9497624c99&zdid=1361
Request Chain 223
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 224
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7f05710b-71ee-444c-48e3-281599c01723&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7f05710b-71ee-444c-48e3-281599c01723&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361&dcc=t
Request Chain 226
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 227
  • https://pixel.rubiconproject.com/token?pid=41544&puid=7f05710b-71ee-444c-48e3-281599c01723&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LARU2TGV-B-BNSO&env=mWeb&zpartnerid=1770&gdpr=0
Request Chain 228
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=7f05710b-71ee-444c-48e3-281599c01723&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=e235c23e-ae15-4462-a703-6e980a92b2b2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Request Chain 236
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 239
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2956589636793389865
Request Chain 240
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FsUCvBZHsW3IC6z2Quawi1D9
Request Chain 242
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1669098379720 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7103442912
Request Chain 243
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210822471222507
Request Chain 245
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=c88fa57e-361f-4da1-9afe-e5707d1bca6b&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 246
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
Request Chain 247
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-722d943b-d41b-3e93-a769-2010ee5a012a
Request Chain 248
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
Request Chain 251
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ1H03CClWGGLioAg4wNwUU&google_cver=1
Request Chain 255
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522214306720
Request Chain 256
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3xriXKz9flSJU7JTR71JgAA%263347?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3xriXKz9flSJU7JTR71JgAA%263347
Request Chain 257
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=rvvnn5sS1OXmJB5
Request Chain 259
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2956589636793389865
Request Chain 260
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=948e637c-6b8c-4d00-830e-ac687041833f
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3xriwAAAC4NiwA7 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3xriwAAAC4NiwA7&_test=Y3xriwAAAC4NiwA7
Request Chain 263
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624917709708
Request Chain 265
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
Request Chain 268
  • https://c1.adform.net/serving/cookie/match?party=14&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:610b637c-6b8c-4100-9798-9f27156ec81c&gdpr=0&gdpr_consent=
Request Chain 270
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4282803907331353629
Request Chain 271
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 272
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 273
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2956589636793389865&gdpr=0&gdpr_consent=
Request Chain 274
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ
Request Chain 275
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7168722951631337611&gdpr=0&gdpr_consent=
Request Chain 276
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbFkwN0ctTmNBQUJfYWVldjZMQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 277
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=efHenMQeRiJLOGH2afUxedmKxGM
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3xriwAAALHDgQAW
Request Chain 280
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 283
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669098379758 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7356187750
Request Chain 284
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjYjhXnbYbVShQhYQ HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjYjhXnbYbVShQhYQ&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=f4bbc926189eba4319345ea9d6478370&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DF1rNcAsvjYjhXnbYbVShQhYQ HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjYjhXnbYbVShQhYQ
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VcRM5rfrS8SA5DOeKWppKA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 287
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7434637c-6b8c-4f00-b591-c63af60e8402
Request Chain 288
  • https://pixel.onaudience.com/?partner=214&mapped=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3cb2e13158bdb3d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVDNDRDRTYtQjdFQi00QkM0LTgwRTQtMzM5RTI5NkE2OTI4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM4ZYq7cKuE9XdzQZnO6F5I&google_cver=1
Request Chain 292
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8219110578663417217
Request Chain 294
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a6a3f141-db91-47ba-baba-6cb258be1869&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e235c23e-ae15-4462-a703-6e980a92b2b2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 296
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bMnFuKVE2uXL4XPYMJ97j8lqi2ekYL0-~A&gdpr=0&gdpr_consent=
Request Chain 299
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7340088740799050681&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 300
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9acebe15-93d0-422d-ae54-bf821aca8123&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 301
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2956589636793389865
Request Chain 303
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cIu1SYUfTrGd2vY7GgVBmg&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cIu1SYUfTrGd2vY7GgVBmg&gdpr=0
Request Chain 304
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdmMDBmNTdmYjFkNGU4M2Y3MjM1OTA3OTlkNzVmYWFkZDRiOTFmNQ&gdpr=0
Request Chain 305
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARU2TGV-B-BNSO&gdpr=0
Request Chain 306
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-csYTgU_SbiCUo8JgLVDBQ&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-csYTgU_SbiCUo8JgLVDBQ&gdpr=0
Request Chain 307
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSVTJUR1YtQi1CTlNP&gdpr=0
Request Chain 308
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OPg_5BXgm91NUqVazo0Y6g?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2925166907955467664
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECRC4QltFFfhQgY-hJrhDhw&google_cver=1
Request Chain 310
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2956589636793389865
Request Chain 311
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_22ec855e-2700-4ab5-9218-bb11357f84fa&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_22ec855e-2700-4ab5-9218-bb11357f84fa&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e0e6f463-1591-4f86-8913-208893a78ba2&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e235c23e-ae15-4462-a703-6e980a92b2b2
Request Chain 312
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-afddb1d3-1504-4144-4140-bee54711dc34$ip$217.138.196.99
Request Chain 313
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_22ec855e-2700-4ab5-9218-bb11357f84fa&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=lhRhJT_kvTnTIFLHTpZm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23DIKJUEUVC7NN3FI3SUJFDEYSCUOBNG2JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23DIKJUEUVC7NN3FI3SUJFDEYSCUOBNG2JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=lhRhJT_kvTnTIFLHTpZm&us_privacy=1---
Request Chain 314
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5494976850
Request Chain 315
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=ibpGGaz9adT1&ev=1&pid=558355
Request Chain 316
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_22ec855e-2700-4ab5-9218-bb11357f84fa&obuid=ENC(Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DZ89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=2a97cd70-2dc5-435b-aefb-4bbead8e8e58&obUid=Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 317
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=62ee2027-aa47-45cc-87e3-4a84055ee7d6
Request Chain 319
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f23a0d78-6d5f-42d4-b0f9-7a31a2ccef14
Request Chain 322
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=89da22a7-8a8e-4951-b376-63d1372d85f8
Request Chain 323
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3424312399685321405
Request Chain 325
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 328
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=7dd9637c-6b8c-4100-8b89-a786fa776570&gdpr=0&gdpr_consent=
Request Chain 329
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y3xriwAJ5lscNwAT HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y3xriwAJ5lscNwAT&gdpr=0&gdpr_consent=&_test=Y3xriwAJ5lscNwAT
Request Chain 331
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=2956589636793389865&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=2956589636793389865brt51591669098379980988f1
Request Chain 332
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y3xrjMCo5s8AADmUF4sAAAAA
Request Chain 334
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y3xriXKz9flSJU7JTR71JgAA%263347
Request Chain 335
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=dzAvl8ok9QbcoKoF7EKp&pi=gumgum&tc=1
Request Chain 336
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 338
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1646830185
Request Chain 341
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADlY07G-NcAAB_aeev6LA&gdpr=0

344 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vsim.ua/
Redirect Chain
  • http://vsim.ua/
  • https://vsim.ua/
180 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4911e9ac641a4e3ec510fe0adc58353be21fb997049d4574b0410ccaf139023e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, s-maxage=30
cf-cache-status
DYNAMIC
cf-ray
76df979a8d3d06a6-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rERip22qLdNPPmHnhL7vihuymODberAMOoOm9LyxFwloRPsaNv0Wm7SW2fZduvMKGjE0%2BUCJqtjZL7MY1isFLlfVPHBWDq02qVBJCuA8bkcGGkxCiuC68EhVwyXDNjPLDaQM4qaq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
BYPASS
x-dev
Desktop
x-stat
1

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
76df97995c6fdcaf-LHR
Connection
keep-alive
Content-Type
text/html
Date
Tue, 22 Nov 2022 06:26:12 GMT
Location
https://vsim.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL5prrlPL%2B%2F1Rf3TvrdVhY%2FQeXWj17aFD6WIAPGgFeCNF4zZACNcS%2BhSgAqTy3rSQBXBn%2FWJXtv5tlWEknqbsF2jyzTWZu5ox8xRcG29h7Et0h8l8Wg%2BanV6%2FhlVDHS5WhEzP3sX"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
3831ad9.css
vsim.ua/css/ 		630 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/css/3831ad9.css?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3a4e3aac810c6857f89eccb48c5417ae1ac2b466252741294b3674a40697eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581664
cf-polished
origSize=646956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 12:47:28 GMT
server
cloudflare
etag
W/"63738a60-9df2c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXt9GeXiYstfOISdeVdc7MFVUkSdpgJQ70hOuZ3VOqpcpUnyTOUY%2FhGZDukreIhchsWsrgr9Ufjsd6A%2FLpZkS5bmw5UOFzk3pnk%2FOuTTVfc43Ruqx%2FgI41Pe9afmKnUqsfUXFThU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
76df97a65df006a6-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
Logo_new_vsim_v8.png
vsim.ua/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2071946
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4716
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
server
cloudflare
etag
"5e4d36b2-126c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uQAFjtzkgPt5JUmRfEsfSliX5Un8IBuv8K4g3BsxYAZxDrGTHGlnnahmmSobnSK%2BUjBOHOD%2FqxQgx%2FObMSkO4kwyyyVtuZvevGeTlPfEOqsZa9igz8EZg%2Br70DrIrVhhS1qRhfk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a65df106a6-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 		1 KB
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-467"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkIGTt3ethsiFrP6ANCHg3pzNcJivZEvF2K%2FiJNFeOwXDI%2Bnc169cQVzWnm7p1DqdCTVpd5b%2FP7MTxdRFfFkc%2FftsqhKdweb%2BR0GxpD0rwowso4WDweLkc61D4JSn3WjC4AtNu3j"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a65df206a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
2ffb288b01e62323fba6f9c516649883310b012e.jpeg
vsim.ua/img/cache/reference/panel_link/0029/44/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/reference/panel_link/0029/44/2ffb288b01e62323fba6f9c516649883310b012e.jpeg?hash=2022-10-31-13-26-52
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b0fc3a3e6f93d2a2c3a067a55df5ec729f915c9502b3364bcce58f1cb9a17f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 11:27:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"635fb107-2996"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qm8tLY%2FQ1WPi7hpb189yzHzr12sNq1EJAwYsjdHZ%2FdC0mbEWEqbm5VZym1yxzDu7MZSKYdVJvxtUj1sI4Qn%2BidFt%2BsGfefecJy2GF%2By7RztrEraEf91weoI8bgWYsm4FHNFxCum6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97a65df306a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10646
f5382d7d294a42cd552167d97e033f8d7c8ef3b0.jpeg
vsim.ua/img/cache/reference/panel_link/0024/75/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/reference/panel_link/0024/75/f5382d7d294a42cd552167d97e033f8d7c8ef3b0.jpeg?hash=2021-10-11-12-24-48
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3303123e662ff6f0aab97d549ba72d289e29a064faa7b19211f681a10f48221b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 11 Oct 2021 09:24:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616402e7-3925"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3gWl26BjrUCp6M7vOR7cV%2BZ3fommRQFC%2FmQOelCW5q79PyaGjORyDWyTzvAL%2FekqwXfYNIlvYWLf%2BXcLiQVrdCoEfe1KerRGhsjpHuKFMqdk7CeHpDDphf95fJLKjCVBJnQtilP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97a65df406a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14629
3a3e6097812f3a5e0784f2728ee992a773b286b8.jpeg
vsim.ua/img/cache/reference/panel_link/0023/71/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/reference/panel_link/0023/71/3a3e6097812f3a5e0784f2728ee992a773b286b8.jpeg?hash=2021-06-23-20-19-41
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b2c2ba81eef5c39dd8993cde57f790bdaf179e3d5a2132241b598233d13591

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 23 Jun 2021 17:19:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60d36d33-124d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zm8Gk8DNwFjoCS8OAarJrTAa1V5tVnGBGUFRsuklR3OlUrheEEDAExNjFUecgj5KcZ%2ByQ4Qr3%2FHKNesgG0bQSo92xrfqMs4%2BC5XKDol1xbUOeiNMlZQKpjn8EuN5xI5%2Ban5TmiAx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97a65df506a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4685
8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 25 Feb 2022 12:28:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6218cb88-e27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywKvwXWsJ2%2FGl0ksdz9%2BLQweryYRDvoQWXynRc%2BtW4kJs0E3q90XotT%2BZZNS%2BKt4n5724mbK%2BjAxvUv%2FkC4NLPnvegigQYICJLjc5vIb5D2JudtPYsJDbdtnFHSSrKeLpkZ01j0c"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97a65df606a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3623
bg_img.jpg
vsim.ua/html/20min-page/web/img/ 		285 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12255186
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
285
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
server
cloudflare
etag
"5e4d36b2-11d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4WM9cu59NlqJl3TNb%2BFFzQoT9n9zmgPJdBbTUTunJ6hiBSvvTE6Z6oGoIIJUhyg%2FQro8yydZK2EVYxhxVtfeZKP58Me3FvNG6WGCa4YsBjquLeCC9%2BOfljN3ztjWfa4MkVHMOsw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a65df806a6-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 		929 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-3a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAPZLSbPe9PG%2FibbIQ1lZjxrL26w34QRqfl090lFGCBamgeFccr7P8mwJhBqVpq6h97lWlNy5ydKgbSYMWhUejV950JuE4W61fUVTu3Q3YYOXdoNsgKihSZGO2yWLIauZ%2BEIaY5L"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a65dfa06a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bg_img.jpg
vsim.ua/html/20min-page/web/img/ 		285 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/bg_img.jpg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581663
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
285
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
server
cloudflare
etag
"5e4d36b2-11d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxExPOp285U5TAoLL6oxeok9g1xJCsofEg3XxH%2BBEuK41BN7Y5QcN6pCERQuT730ZBWXGagyfmARVL7pvs38BXXYKDO62J6shLaf2RaVgjkXh3zUOvUJFNha5Du%2BjXsybVw0oMXP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a65dfd06a6-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 		766 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 13:22:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b1-2fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqceIcXWgyftx2Ewc7rWhfTNGi7r5uc6wuqqcKH5OGPW9nqTyYlsQfZAUJ1uaYtC6DVkWI%2FQGvNXZvNboA6c%2BEYqfyrN%2F5%2BrZAWC7X8eKop0mFW55RzI%2BNLmHv5ligoyKj7CjscN"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
76df97a68e1b06a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
iframe
vsim.ua/site_login/ Frame F187 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/site_login/iframe
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58d69a479870f5f8d5e12fdb441edad4a723f84c755c806f9e67325baf242e6

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
76df97a68e2206a6-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urn1sVy5OKIbF2MUb58j92DeJN91vlWN8LcgKFU80Eik6Su0EU8a3NCLv3kK9AETaMwiU79HI6XYGx%2BkihFqlSLITH9iotjJrhbMyUgFMipOVP3TTSSvG2GQ4S2EVFBASuMOL8Ek"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
BYPASS
x-dev
Desktop
x-stat
1
EU_hor.png
vsim.ua/html/20min-page/web/img/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/EU_hor.png
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12256316
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78494
last-modified
Wed, 27 Apr 2022 07:07:05 GMT
server
cloudflare
etag
"6268eb99-1329e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMO9wTLUPbZYx8frFS7Q8MezQ%2B8u8CmjDtGzDg5FqGNnAqnyNEJm9%2B2%2BGuikRA%2FNgSt9sJcfxSFxvRJDG9HcwmXofUyC%2Ff2F0HexdX3yPB2piAC9AybuKEDvaXr7H6R%2BpqUqSPhf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a68e2006a6-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
vsim.ua/html/20min-page/web/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9489465
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13734
last-modified
Wed, 27 Apr 2022 07:07:05 GMT
server
cloudflare
etag
"6268eb99-35a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4AtZYov85CijavpkEQIMjuXwLpQJDTQYxJz91mEagAiC0oHLnVrMpGscJkgymav6Y291mu1rfa0wGezBU9yV0ZZdjOtyCOaIsvjE66XokWnDF%2FeR4i%2BzeBP%2BAvbsyg9xcj%2B17%2B2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a68e2306a6-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
ANRVU_logo.jpg
vsim.ua/html/20min-page/web/img/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/ANRVU_logo.jpg
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11395223
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64782
last-modified
Wed, 13 Jul 2022 08:36:37 GMT
server
cloudflare
etag
"62ce8415-fd0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Bk0fpzVweSFQABxhQq74dYWLTBOciGuuR0%2BHSCUvWbfxxkhhvEMWl0h3IR6LhJdT8C7K3QQ3S7MnZnxdCTqjsys%2FXsjNdvU1h4LkLGitPTpL0gCt8kICccGCJKtwj%2FEkOEWJwQx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a68e2406a6-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-75a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD%2BsNpqdQLDCCOPWWrP7D0DFhW1501lfzGl8OadTL%2BHwnKBAmRbPYBCEWhNj3EqH%2F8o59TACqYVSaRaF3oN131i2kd6qxk2szyqe63yIHwfd5fgRJl8S2P34pFd%2BM%2Fj1I36Q2vZZ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a68e2806a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-884"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJp%2B43wEudDlvyeewTdy9V5VbuWm8vReTP8vOVvOA9wpBJ4Ael7wF63FnDkETknrJm4QdWmHWlboBz8qmorlXDaV34J6XSfXveeNMCSRxwtmN2j4768UZiRycQLWtk6GBv%2FJ%2FWFX"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a69e2c06a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-aa0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOCaoQ7Cw9isPgH6m6g6pL%2BzCeuyBzlJaMOhe7%2BTLedEHBgDAfxuoUoeDUCzXBGvmulMQKE4xyLx9b4FdxrSyiVE8y4Hu1pt0eNaEpQD5bKYPdJTC3VJyvGkZVVDrGo2tm5ihVc%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a69e2d06a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-7c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gX%2BbCVqwNIBGEbbMu3RR0%2BexLuTtisnDYFha1%2BUWuIpy410VPDUUU%2FqGAOkRsWN3O%2FTIYNbZjh9Na5uSg2ZkltkhvpHGSxEXLe1K5fiNc1wHaWYQOITrd%2FogEp9qMkzBMQ7Wz%2Fo"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a69e2e06a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-1132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N102jnm%2FEm5L47lAqDUl3owvp0H%2B3RMf4czrq2H7V5nFTlOQUw5Ph31ogNs7%2FO0xCeVy47zsr%2BTyhXkkiHKKjIr6oNmmenedO4CvxEO%2FTXm9bUzR7UMHhCeVRkiEUDPxJri%2B9NZ3"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a69e2f06a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b2-145a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Belb3n17oJjz0utYxpZgq6mkMHfJpX4LJID2eN9qc79Ayq8eqboHQV13ENbkGy580ZN6yET5L0k%2FPuDrKTUo2xjU3IbgAzQMKifBFqMEsxh%2BrIXLUujk5b9K%2BgWY%2BecUALaj7oz%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
76df97a69e3006a6-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js
vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 18:10:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6373d5fa-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNs1KWwLZtmXvuKvtaLANJH%2FG5bxpEfor7jsf%2BNvbR1HtYkdpx%2BvUmm49vg9UWakEk5FI9F0EIVnegNDhALLx8IeN1j%2FHrC%2FPHL6WKdgI1iW3jVbctYm8BwnWGvRxjJf6biAvXl8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
76df97a69e2b06a6-LHR
expires
Thu, 24 Nov 2022 06:26:14 GMT
rocket-loader.min.js
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 18:10:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6373d5fa-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry9uWTlySpsNyVTOci6CJKpx8EtIZojslawPrZheClBs5NBkDi9VyKfEKzWa4YvtGjQKhhd19fs6%2F68Rbi20umilKsRA9fcB29ROKambjYlhcekcbMxq1ABaeBZx8%2B%2FAjc3nvqVn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
76df97a69e3206a6-LHR
expires
Thu, 24 Nov 2022 06:26:14 GMT
viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by
Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/css/3831ad9.css?649f98ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 13:22:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b1-bff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQOCuzVww2yHOWGOng%2FpG9rQlOdpYVXU6yg4QrFCFbSboOSbebbojwz1IER94%2BTVZaco5ZsX8tDG8tYTtpYs0oGIYPSkIxyIwUU5IRFirg6kteY7w5wSVrwrshVXQOwdybjt75H6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
76df97a6fbbc777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by
Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/css/3831ad9.css?649f98ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 13:22:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4d36b1-478"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXdcTm7ozNCV%2FvqG927gDtwYBB8wkrAKrXj2vYMA8y2RinNro2%2B4t5tpA3uy1FQbmLQXKBJZVFd6np21p3QVZwJvn17UqpLg1NiVJ7nReQSVOTgUTNAtO5%2F9RQDyGuVCNLqLRZdR"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
76df97a6fbbd777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 		548 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by
Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/css/3831ad9.css?649f98ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 13:22:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e4d36b1-224"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muFYBevVmiL%2B3%2FHHSMcx86o1xPJjppVGaGVcgXEv6ApbBTDJeMC%2B2UfQdEmzdcz4Sswy1U4cmstZNQyCouWK%2BuGGaSjbC67TSieXcJq7WphqMLDHrIB103Kk86VUbWWijWQyZRBO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a6fbc0777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
548
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://vsim.ua/css/3831ad9.css?649f98ee
Origin
https://vsim.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12256408
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71896
last-modified
Wed, 19 Feb 2020 13:22:57 GMT
server
cloudflare
etag
"5e4d36b1-118d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sII0FeCMrLD91hu%2FYocMQ%2F2jmqC8Mz%2BR43VdaSh3orrKklEmc%2BMqUPGY4%2B4R3q8HrdX1gJ2m0QAB3mj%2BWFpvC7BAw97TubSEjJ4i%2BLImhcVY0lIgtqCC63PJs2vpTRkl9gelNiUJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a6fbc9777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by
Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer
https://vsim.ua/css/3831ad9.css?649f98ee
Origin
https://vsim.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12256407
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44300
last-modified
Wed, 19 Feb 2020 13:22:57 GMT
server
cloudflare
etag
"5e4d36b1-ad0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY9f%2BMyH4I77KYinGg2EFz%2FD2y9kWFvQkldG9nMJ169IXt4rmcofyhZQbeyu7cZQ%2Bti%2FBJ4OYpJbkwt79h%2FIGWZsMgrazZW3j6H%2B1x%2BSYMdsXgI26VZe8dp5xTdHhi%2B39iZuD3gP"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97a6fbcc777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fc40332.css
vsim.ua/css/ Frame F187 		177 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/css/fc40332.css?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/site_login/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581445
cf-polished
origSize=181636
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 12:46:06 GMT
server
cloudflare
etag
W/"63738a0e-2c584"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp898qWrzJTccQRnXYExkuG8d7rs018BG5s2pN4dWUagAqvzmpaRwYpBH1PbG67H4ZULCh7bQF0%2FyXImjk91JWhJjyC7T3gzogIiMpT7268bgk8Io9YC12Sn85dczkVKG2nzN4s4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
76df97a76c30777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F187 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/site_login/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Nov 2022 18:10:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6373d5fa-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcw5uksKk%2FAhFAearyASJiznfgLKjmqairxHKqwE3i0BEHiVM4gJnEbrN8JRG8Pr6UkvQo%2F2OpHA0m34jHVd%2B%2FONdHo7LwtyAqRfNNu8Dkw5vFCHJPFJ3VdqUJej5vOaMLhk2fHr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
76df97a76c34777a-LHR
expires
Thu, 24 Nov 2022 06:26:14 GMT
aGeq.js
leokross.com/vAW/ 		0
0
0728b5d.js
vsim.ua/js/ 		879 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/js/0728b5d.js?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581445
cf-polished
origSize=900210
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 12:47:21 GMT
server
cloudflare
etag
W/"63738a59-dbc72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFRM452b4f%2FXgnrh5%2FfDIzS%2FSDiLnEaO8gZNtF0myYwo%2BS%2FjzMWwPkd0QRxEBw0dzxy4uJFDN9I6HbruSHBHnV9SEOMTktRueJ0EmwRZC7gTpxbli%2FvqU0QjJcUAXhM7Ald8K3r3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76df97a7ac66777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
imask.js
unpkg.com/imask@6.4.3/dist/
Redirect Chain
  • https://unpkg.com/imask
  • https://unpkg.com/imask@6.4.3
  • https://unpkg.com/imask@6.4.3/dist/imask.js
135 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/imask@6.4.3/dist/imask.js
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5488384
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GDBE3T5KXHH1J5S32QW759N7-lhr
server
cloudflare
etag
W/"21ac7-KqSYXxY+9Y5mzCD11c6bKZsRmN0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76df97a8aa02dd77-LHR

Redirect headers

date
Tue, 22 Nov 2022 06:26:14 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GDBE3T2ZK5XJTY8KC0ZXMHEH-lhr
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5488385
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/imask@6.4.3/dist/imask.js
cache-control
public, max-age=31536000
cf-ray
76df97a869cadd77-LHR
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d6603b1df6925347c0d9bd5cb393f76116c8c272f06a4fa026ea13e9fbbd2aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://vsim.ua/
Origin
https://vsim.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 06:26:14 GMT
content-md5
NPPKs/clEH/oE+pP/NcItw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
o2OXgARE7/d88umSKh8ltdjjvOTnb+pbyTynIYG3LHmckTt6u2mOu5WWhHwXq2T0Ot9/ifYquHnvh8lkdsF1Vg==
x-fb-trip-id
686109401
x-fb-content-md5
372c4611e6502280e552c2ab600a8d95
cross-origin-opener-policy
same-origin-allow-popups
etag
"18a71627903d8e0d9e8b599e988f4f80"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 06:37:12 GMT
client
accounts.google.com/gsi/ 		191 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e14a68d4f0878504656295be09c475ba96a4484fca5c2fa088c24e30482f0216
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ds8BYmaqATtvZV8N2h8KJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ds8BYmaqATtvZV8N2h8KJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 22 Nov 2022 06:26:14 GMT
ed8d0db.js
vsim.ua/js/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/js/ed8d0db.js?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581445
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 12:47:28 GMT
server
cloudflare
etag
W/"63738a60-17b3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1HT8wB79b%2Bb6221EY3Qzeyay%2B%2F8G4RV8sVWhiZzVn4SaPnJ6NLSiLfwRSYV1bP9mrs%2B%2Beep2EgGJeT56nTK%2BMMcfz16O3OEwZc%2FyKbsMUZncp6utl1emqWV5CZB0mGU2794pFqa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76df97a7ac67777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
client.js
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Fri, 18 Nov 2022 01:06:48 GMT
date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
gzip
last-modified
Fri, 18 Nov 2022 01:05:00 GMT
server
nginx
etag
W/"6376da3c-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
REVALIDATED
optimize.js
www.googleoptimize.com/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecf93641ff7b5252a7266070e4786ed80904711ee22cd46db1ab6a2f3ddc1ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44039
x-xss-protection
0
last-modified
Tue, 22 Nov 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Nov 2022 06:26:14 GMT
invisible.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 8903 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2fc3490a85e17e87e816a307449830531b8207fcd12a6182a15551038ba7f8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bj9gqNC6qIt78uPLLICGx%2BZHNrAbkqiIBQXvW7GojE36GQH%2BsENuOUXtClZ6lgfaZ55YQ4JRPcEkfXJEFR8dIP%2FUr%2F6fEaJFaHLjX1ID0ymqICXYndtv1gE5B0STpMc1QhXR45mv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97a7ac68777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dba7e9c.js
vsim.ua/js/ Frame F187 		246 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/js/dba7e9c.js?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/site_login/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581445
cf-polished
origSize=251457
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 12:46:12 GMT
server
cloudflare
etag
W/"63738a14-3d641"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAns1tP%2FX3aWVu10aKC6y0TgUSsVO7aUxFdTRNXHjuirSKd07bkcTavJGSHv%2F9iUY7WcwB%2FijTouQEPokLL%2F3i9r0lRnb9FhE%2BK3zFp7%2BqRuG7fM2YUYa%2B4wtrFCX9H69BJgXjWy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76df97a81ce9777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
invisible.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame D195 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e65ccaf459ff5b79afd9e6487cc2e0bbc22cd8140dc040dffb1e24adc92b2be

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMp6UG3oXg33djU359DwT%2FWywnWx5B05OqIVHoIqea%2BluIk%2FBwWa9FQlUQERplvpM6AasgEkyKcI5eke7F2d%2FmatU4qVKkfroYdh1S1GgTG1yPFLy9r9uA6Qb5xZ%2FUK6LBc014Zo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97a81cea777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8903 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1f8420407738905a9b997c5555b7c7dc2f7f63ab5586893e616b7fe6794ef3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BAUq4vUPtUQ9hvUGdcQ%2Bo4QLurQpIyvk9POl1lg21JzHOJSnieFcIT%2F6mxfAkzp5FiE0FJ7PU4LFH%2B%2BuaPqqjGBwQ3LoL2mYnp%2FpI74FGDUAII4y5fLo4h6CljATBK%2BG%2BkW%2FZ4e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97a82cfd777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame D195 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9669758d3d650752d7229442104a5386aed3ecc28a7e74f0e794048397385e9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkr5fxVCSl17gQmjNmawzX53ZMjS170l51lMKlnXm42vDP8SKxPK%2BzjtsZrB6d9ZEgXQmw9YzkHtNgx0Y%2FEYtD0385Cm4L1cRQFgRS%2Bfyd9CC3z1dw4Nc06gTNN7aHYavgW5876o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97a88d75777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame D195 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f61a242bb16b433490f30ba87f228fa675c7bdd42cc2d5cf33f1ad5279dfc6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqyUuQM4SRDVQTCU%2FsHVvZi2rRejSZBekdFJOYEqS5BN20ekZLFPSyqW1%2Fgts1XfVQzai7aDzg25fPN0R%2FVraVCrDHSD56Ps%2Bk5InHp7Tb7iETGQApm38h3cUI28yyiOL7SG8rFd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97a88d7f777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hb_306660_6693.js
player.adtelligent.com/prebidlink/463638/ 		419 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
a96f638e4e6f5a290f899a42a967f0810e123d7f308c974e6f256e373de51f44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 24 Nov 2022 06:26:14 GMT
date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 15:49:03 GMT
server
nginx
etag
W/"637b9def-68d9b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24e76f8224b25d229b94950548d3758bc9d375d75f6965782e204c2bff600a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27211
x-xss-protection
0
server
sffe
etag
"1399 / 155 of 1000 / last-modified: 1669071986"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Nov 2022 06:26:14 GMT
wrapper_hb_306660_6693.js
player.adtelligent.com/prebidlink/463638/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/463638/wrapper_hb_306660_6693.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
8fde8bf6c1c3c2bec65b23e45729683c058e063e2aa77a4e57c365a24a820614

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 24 Nov 2022 06:26:14 GMT
date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 22:31:02 GMT
server
nginx
etag
W/"637bfc26-6c4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
configs
cdn.gravitec.net/sdk/web/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
8df341e6dc08250afdca9719e6dafd016ec7b0d1de3488066a8620a2cb304e96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
x-correlation-id
26be26030c127c1bbd87022a311ccbc8
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-proxy-cache
MISS
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 05:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4220
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 22 Nov 2022 07:15:54 GMT
gtm.js
www.googletagmanager.com/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06a44402449371b9869fa418b56e2511f9f22635969d8ec4746c3ce5c2220c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51768
x-xss-protection
0
last-modified
Tue, 22 Nov 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Nov 2022 06:26:14 GMT
remplib.js
vsim.ua/bundles/twentyminutuapaywall/js/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581445
cf-polished
origSize=197222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 10 Sep 2021 08:36:22 GMT
server
cloudflare
etag
W/"613b1906-30266"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9usrD7FBJ2nSOdvE51m1VR1BE4g%2FIu26ytxGxlYbaGnZY%2FjnIIctojpsF1W7OF51SQZUz961JazTMu27v8Pie3S5DLRZ84MFNtUlTRHO0bCgLGhAA3qcsa7%2FvhQCiFGpaVwzuQeo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
76df97a92e14777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 22 Nov 2022 06:26:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DcLx05tp1LovRjAYUrFaYq+DNR1aS0Xtlh6J4h9VdIbO95o2oYH7jTJRHRESr3GMrZ1g7/0FMQy29KdnnN32aw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame D195 		19 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67351144f8badeefc83e9f6bcf3a7840d15ee81ca2f225b1cbedbb994253b9e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BSoddHFG9cHz%2BxqFbdEkF%2F9ohnVgLXnEv2SWFrvCpYOTH7n4IYwY7nhtFIK2j8lFOH6GaJH8wMOI4rOcsU90aaTMiamsblmd5ZpsYZAT0NAgHw8JkuBCV6YWfAq1GGwtu4XBf62"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97a94e45777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
76df979a8d3d06a6
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 8903 		2 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/76df979a8d3d06a6
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEVaWABxhcReCcZ1HkJwoQCpWvCWz7SQse7EleOSEoDZ3dEKJxnzBu0GKbOskcODMEuQZR1dk2E%2FmhvK%2F%2F3Z44Wc2v5VRyDjNaIP6kbMBH99nO%2FOWYZPkWiGC3na92fbmR%2BIKYRo"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
76df97aadfd6777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 8903 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454be236f028c98647c3e8710cb6d8b7a9accf49d273b198c7cc10feadc290d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7BH%2FI4AY6ANVU70Lp8eE3Amc8HoUBNJy3SNw0vmHco7K1slxMLzrF5aJnLjK%2BB1iT%2FOGu631flbRTZrt%2FkugawzqiR90A9fPfb%2BpNKjkjGNE6IsnmVxAB6ljEgEOgk1ykmHOgeY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97aaefda777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bg_img.jpg
vsim.ua/html/20min-page/web/img/ 		285 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by
Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12256416
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
285
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
server
cloudflare
etag
"5e4d36b2-11d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZXEOjSm1iCBHaRTknvf9Io%2F3DhyuuC7fOKSza0zue53Sp18Dt1xKs4ZWN%2BateX0dlilcRwEi12RAgDrYBrzrpJF2rX%2BbVNhQiy2kaOQ%2FRmXfGtsk%2F56o%2FEtFuz1rAve475SP947"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97ab080a777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg-img--small.jpg
vsim.ua/bundles/twentyminutuamain/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/bundles/twentyminutuamain/img/bg-img--small.jpg
Requested by
Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/css/3831ad9.css?649f98ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1130486
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5504
last-modified
Wed, 19 Feb 2020 13:22:57 GMT
server
cloudflare
etag
"5e4d36b1-1580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZHipDz3B2N2tiaJCp%2Fo5SJogqZaN%2BMlgNGPoYvIRceLXyh4C5otga33VbGNcJn0JLJiO%2BfsTMig1xTK9f%2FPdDxrwpuTQHQzdb%2F%2Fwjvblyg8fccuy5JgMCCGH3KIkc5uVup6w%2Fif"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97ab4851777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
bg_img.jpg
vsim.ua/html/20min-page/web/img/ 		285 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/bg_img.jpg?649f98ee
Requested by
Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
581446
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
285
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
server
cloudflare
etag
"5e4d36b2-11d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmcsQJHVVyqTFDty%2BWe2AVpL0N6o9oVQuh%2Bud%2FvRhvQetSVOHLo1u7Uyuyg0U5PWDt0rt18G2lX9OQImOmGS24z3nvMaU0nC8Z5I9uFXzKNza%2BKCdMClohLJIV3MqnNhijaCK0QZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97ab585f777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
check
vsim.ua/site_login/login/ 		20 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/site_login/login/check
Requested by
Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9

Request headers

Accept
*/*
Referer
https://vsim.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-dev
Desktop
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyOdAcML0f65MId012HqgahpPJHjhUnQXGhP%2B%2FtMeV%2B%2BGpFIfCHwRHji4aG55AIg02en9NPNL25mpYtlVRW6hOl5%2FoIs0THs1r%2FavEigPEvfWMIYo7fIpETAzOOjieTlfOJ0KUIA"}],"group":"cf-nel","max_age":604800}
x-cache
BYPASS
content-type
application/json
cache-control
no-cache, private
cf-ray
76df97abd8de777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-stat
1
7324c8f1d6dfdd867b872d4ef9c2b3a3e9fa6b80.webp
vsim.ua/img/cache/news_rtp_large/news/0029/67/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_large/news/0029/67/7324c8f1d6dfdd867b872d4ef9c2b3a3e9fa6b80.webp?hash=2022-11-21-20-46-24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe224062247d8b0cb1c315890e0920f8f676caecd56f4db7cf4a28af77a1f7f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 21:03:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637be797-b5d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAUddx%2Fx49KXmebXmzf2nJ8WdtwlCwWfgqB4aV0IsTTYg91sUhMMu749FJfn%2BNxA6ks5XM94sl6QtQ5fxrEDwnLrtjsLVklScn%2BX%2FptwqSxCREQoHpRBaERG3k2fykRdHctSKhKS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0902777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46552
fa1f6c18d3d6e97ebe57894740f1ac027e4e7ca3.webp
vsim.ua/img/cache/news_rtp_large/news/0029/67/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_large/news/0029/67/fa1f6c18d3d6e97ebe57894740f1ac027e4e7ca3.webp?hash=2022-11-21-22-09-23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4632a1d8298729b34c20d7077b8833eabec900898013521e86171db42b3d920

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 21:03:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637be798-9870"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZZPYNexLvyL84yqJCtv%2FVpux%2BnjODRS8qaX2op%2BIp0rpIeDZ9VvrhlQ6SzmQpKpm3RWwq6RDBT4DY4DpXETD7jfvYLrWxDe7GKdDxZFHkgLkHaCcQoJl%2FTsocIPJYPOgLqtwbTp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0905777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39024
9fd7a3445f7062492c4b802686eca452515814a5.webp
vsim.ua/img/cache/news_rtp_small/news/0029/66/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/66/9fd7a3445f7062492c4b802686eca452515814a5.webp?hash=2022-11-21-12-49-46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a00fa363d419d45f4919fc657ab9e47256b7a2a202d4e8c4cd8367ce688fe90d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 21:03:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637be798-51d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxIgUaC8It8ibqEBzwEgitXRk36reQkh5wUIMb7OIHSaRKHf%2Bh6ChkGah57fh3DYh5nbmMHg4X2wtW5mhxCHeCrVhc55nDgIYHXHpEQnu%2B7c0xZP9dkglhXE1Emv3D%2BVRhun%2FuWq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0906777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20948
681e7a0c8ec5056610ce87a2f5156c4477d588f7.webp
vsim.ua/img/cache/news_rtp_small/news/0029/63/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/63/681e7a0c8ec5056610ce87a2f5156c4477d588f7.webp?hash=2022-11-18-12-38-18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e35431fa4cf6116249b7c34450698b4647548aa1bc44ca57ef277a1786ebd5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 07:37:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637b2aaa-64c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Fkbj807XWuSFA97l3LSVk1KVx9crUouq%2F9e3lcjJ53XaZb1btqr68FdBa48hJd40OxeOKxkoC2JT6kXRFB4K6eQlVSX01TZJcKUasN%2F2hLXOBr7EGJfp7Oc83ZMd4o4S%2BCVE%2Fj3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0907777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25794
e41d54e310283a7036b1f9a211f24929c0a18c83.webp
vsim.ua/img/cache/news_rtp_small/news/0029/67/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/67/e41d54e310283a7036b1f9a211f24929c0a18c83.webp?hash=2022-11-21-21-13-14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d0d810dc5e20bf11e9934321f4d484fa475a2a52751ba94921e86a6e46ade7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 21:03:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637be798-8460"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMCfMxiRmj84dBXj24xSsEs%2Fg1%2Bc18TK6Y9BpLYQ4SLXIMWT6nBDDAH%2BGm%2FC0W95qUchVOCjdwwFvVl89mkZ7LDJhN3invFu2TzQSS8VXKg4KrZp6X7NdV6H8bbKAJRxKoBUDyoy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0908777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33888
fbaf0619c889c60da039365db194c3a89e79cebd.webp
vsim.ua/img/cache/news_rtp_small/news/0029/66/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/66/fbaf0619c889c60da039365db194c3a89e79cebd.webp?hash=2022-11-21-14-37-27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c463bce3750d5f8cf80976133113d55fc9e204102d1baf9eb078d3bc88621a5c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 14:24:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637b8a0d-71f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X%2Fa189gnzniVmYfCO0XbbBSHisz49h4BJQ8n1Yy6kfLfaJEee5eA2l9CTfcC5wRix57IQI68hPKQ4NTGeAwH%2BYIZ%2F5ZbShURAyovFxatHwtRFXB4Wsv05cZkf7QiKVh3Edg%2BACF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0909777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29176
c907dd95c12e330d826fe5f9edee5c7dccc92d38.webp
vsim.ua/img/cache/news_rtp_small/news/0029/66/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/66/c907dd95c12e330d826fe5f9edee5c7dccc92d38.webp?hash=2022-11-21-16-32-33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3883675a84b768d901f2afe97b4bafaeda8d403f1c454898514958d65ac48b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 18:39:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637bc5d3-4dd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmcLjdbTO6TVqAKxGOKfNspkIIWRrUphN8tDGovNpDmV61MSf9F6TDYqi3VLWQR2IlbnLxxwdVhxy99aOVlRx7lnvxIfv%2F1YBLoiUJ%2FQafydMdlW8kNbuawfRlqXczVk%2FsAFNURr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac090b777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19926
98dfcc9eb274cbc2ed0464517a4250e376dd3617.webp
vsim.ua/img/cache/news_rtp_small/news/0029/66/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/66/98dfcc9eb274cbc2ed0464517a4250e376dd3617.webp?hash=2022-11-21-14-57-13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19ab4175b66193d0f87d619263e50f38c5187f215db25a9e15de163dfc3f6f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 14:20:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637b8928-5224"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRb5RvOaOAjMjMMSgehmxNnK2UdcamiIcWMN5SYuWeV0dFx3K2WUEAnGWiqOjC5NjJPFUeX9m0m2TNaRrXcvmdd1A9huF7zMKk5K9sjSzMcgXWUgzgHbuueDHk20Ia2Edr2Q8Nra"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac090c777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21028
2dc1ec26afb59bf44ba46dd2e32f485319357fdc.webp
vsim.ua/img/cache/news_rtp_small/news/0029/66/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/66/2dc1ec26afb59bf44ba46dd2e32f485319357fdc.webp?hash=2022-11-21-11-04-01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83ab4f6ce6653c2643d3c9290b632402ce914af6980b3228a70881761b7c2e19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Nov 2022 09:17:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637b4222-57b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC0T942RMWFVnveNxQouWthsYvyS%2BsgsG54F6hygjCYLlb6Fd%2Fv4R2xPwOOq33d5b8xtFC8ypLihBzR6e8YiOrQcoANLb%2FPJjxfaMZ6BEll%2FoFxtKbcp0wJF88PGB9w%2B9X6Oiows"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac090e777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22450
59effc2a015af71603e3571f595e004d91844953.webp
vsim.ua/img/cache/news_rtp_small/news/0029/66/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_small/news/0029/66/59effc2a015af71603e3571f595e004d91844953.webp?hash=2022-11-21-16-11-31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2336d52e36cd8f59eb79cb65a1efb3824f594024bfe032f1b6bf48f1016ba719

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 14:20:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"637b8928-411e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7COODV2ny9DyDtIFcRe%2FbST10qIOP44%2F%2FS31uxV9i%2F0oYwF%2BGYm%2FFB7youyZGz3MwSOLU7a3mSn34GVVLb6VSrSlnfRcyS430R9pDEuBea8k6MiWO8HSdLe%2FcDNk%2BnDlWBr6FGjP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac090f777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16670
2863712-netishin-povnistyu-znestrumleniy.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/64/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_large/news/0029/64/2863712-netishin-povnistyu-znestrumleniy.jpeg?hash=2022-11-19-14-13-29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a315249d743d2925ac5e0af719991f12be5e15c5f2629a7824cbc10a9e4f66

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Sat, 19 Nov 2022 12:19:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6378c9b9-3162"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OFokbHkEQOx9EFxQ1Qugj%2F2JsEfgUOiXsEulM7yHqY46K5HBuiVpD4ILsw142UubKTvsqQkMkFNeZkD9rQdT4ZREfj7Bd3AIZNCmyZcZoQkzzDgrrsNvic71Q40igm28L7A0I2W"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0910777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12642
2863746-de-na-hmelnichchini-zavzhdi-e-svitlo-zyavilasya-mapa-mists-scho-pratsyuyut-pid-chas-vidklyuchen.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/64/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/img/cache/news_rtp_large/news/0029/64/2863746-de-na-hmelnichchini-zavzhdi-e-svitlo-zyavilasya-mapa-mists-scho-pratsyuyut-pid-chas-vidklyuchen.jpeg?hash=2022-11-19-15-14-04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c3a9665988d59703975294600750e8e20d83f96ec2fa064cb716eb035b3ccd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
MISS
last-modified
Sat, 19 Nov 2022 13:16:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6378d717-2b24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixYcnQKBKT0BoQQYa%2F4wupTke0vto73goniCK2lD7SF7ipR79Xy6qOM7lg%2FftvYWwy1ebGFYBlY3rx19VR8KzYT4ZCL6mpACiW1r3mqj3b7SNvaOxEhPcFlHADoCNHmyNpcERJg8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76df97ac0912777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11044
76df97a68e2206a6
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D195 		2 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/76df97a68e2206a6
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1%2B5bGA%2Bptm%2F89L8B9S1SspN5L9jyArxTTeSuYJJm%2FEsaWD6mKqGq2g9VUSsXKuYDF%2BBiosxYNetvR57LQArRw0q5B0Wd6maB0Oz9qDeAlgWi3GFOP%2FTmdBO6wSQJ4Fb0nPcHxSP"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
76df97ad1a2e777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style
accounts.google.com/gsi/ 		533 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ln6R6JF_fw9lJC2o3-VJiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-ln6R6JF_fw9lJC2o3-VJiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 22 Nov 2022 06:26:15 GMT
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=218226485810-uqk03eati6qp5glmb6e91f2u24152enh.apps.googleusercontent.com&as=TdDxteeJTLsu0ACEK7gV7A
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66e13aa2e202fb554666e714e19b4040a4ee2e500ea8419bfb42ba8133568a39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lfaVXVM9JZqVo70VbR8hwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-lfaVXVM9JZqVo70VbR8hwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vsim.ua
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/uk_UA/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=9692ea57c05365e3fd7224931b72289e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
af9b47487c3d20695417b23be2bfbb6566ad09f85c13c387392e36d6702494d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://vsim.ua/
Origin
https://vsim.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 06:26:15 GMT
content-md5
9/Lx1bZim99V6AdoJDPoBw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87066
x-fb-rlafr
0
x-fb-debug
g+HpfgZkYhxir01r8+5WUU2NperBnhGGSsWPBuq/FvTzI/GmwT2bvnF6Wd5vEQAyvFLatn/IWelMMDYvQE4VjQ==
x-fb-content-md5
9cee81070fec85e9bb44e184153bfbc2
cross-origin-opener-policy
same-origin-allow-popups
etag
"4635e40738c02ecc21a85085592eb6f7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Nov 2023 05:25:25 GMT
/
id.gravitec.net/ Frame 2955 		621 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://id.gravitec.net/
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=315360000 public
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 06:26:15 GMT
etag
W/"5e9485b6-26d"
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 13 Apr 2020 15:31:02 GMT
pragma
public
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
AZySIRmv6Df/OI3SAA
x-77-nzt-ray
cf8787276240b595876b7c6351345517
x-77-pop
frankfurtDE
x-accel-expires
@1970659663
x-age
13798712
x-cache
HIT
506134916849111
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/506134916849111?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc4de3515c790d575f7c8b0f233e9ff3c321c1acc3ce3d05600a66479333f964
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 22 Nov 2022 06:26:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86098
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IwpJoYagNwNqOloP6C/7uqFUOUoxlsC0od0a8GfFd+vItxBdzD5uheGE622Pf+cCCeUzZUbetHi5dH8HLVLUyQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://vsim.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 20:19:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36406
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Nov 2023 20:19:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		104 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75
x-xss-protection
0
expires
Tue, 22 Nov 2022 06:26:15 GMT
hbw_master_306660_6693.js
player.adtelligent.com/prebidlink/19318/ 		679 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19318/hbw_master_306660_6693.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/wrapper_hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
41a0051ab451e40fa8a0a904b113c3faa39688083be653502d5a0e2b88c7afab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 24 Nov 2022 06:26:15 GMT
date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 22:31:02 GMT
server
nginx
etag
W/"637bfc26-a9b76"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
track.min.js
cdn.gravitec.media/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.media/track.min.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 20 Feb 2023 06:26:15 GMT
date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
gzip
last-modified
Wed, 27 Nov 2019 14:51:46 GMT
server
nginx/1.18.0
etag
W/"5dde8d82-11d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d024e13df4d20466ff769f9fbe83c716b46fa714fe667da2dd1a701900d3b181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75949
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Nov 2022 06:26:15 GMT
pica.js
vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8903 		22 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c654830b0835aefea9684ffdf6334341cc230a72cb7102c90b23574393d9338c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ic7ik4FmzhPPu5fO0lH%2BtRGLMY5v9tfU4p6pTSUiEXqpq2rNPXcoBgR2rtk2WPGI6oTT2GqJP71lHOhERd6yn9p%2BtClcD4ww7Br2DESZd1X3t8KN9%2FCMZ%2B0or0a8Ry8cDxVnxlW%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76df97adeb00777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pageview
tracker_beam.20minut.ua/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracker_beam.20minut.ua/track/pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
dedic.dc.besthosting.ua
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vsim.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://vsim.ua
access-control-max-age
3600
content-length
0
date
Tue, 22 Nov 2022 06:26:15 GMT
server
nginx/1.16.1
pageview
tracker_beam.20minut.ua/track/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracker_beam.20minut.ua/track/pageview
Requested by
Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?649f98ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
dedic.dc.besthosting.ua
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vsim.ua
date
Tue, 22 Nov 2022 06:26:15 GMT
access-control-allow-credentials
false
server
nginx/1.16.1
content-length
0
access-control-max-age
3600
76df97a68e2206a6
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D195 		2 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/76df97a68e2206a6
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTPJKxoKaf1FRrOAOBWfaoyj%2FN%2BOpDbb1JQAPzvzxctU6UXKxSM%2Fi2FOC5OeCL0dnDto73ZmCcsX93BVtPZ6ACs4CAy5cqldH%2FZ6Li8%2Brqo0gY4Ql6jelYor8NhUDSBuLae%2BeoGE"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
76df97af7cd2777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1795060305&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCACAAI~&jid=369890895&gjid=1786606636&cid=329870092.1669098376&tid=UA-43975937-2&_gid=1371346703.1669098376&_r=1&_slc=1&cd1=NotAuthorizedUser&z=1013009981
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vsim.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg_img.jpg
vsim.ua/html/20min-page/web/img/ 		285 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by
Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?649f98ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12256417
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
285
last-modified
Wed, 19 Feb 2020 13:22:58 GMT
server
cloudflare
etag
"5e4d36b2-11d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29IIiJKVshgkpJTEacMDG0aAAubmJEzTXOTk0JfgB7zYqXfxZxS4QfTek2V1%2Bv%2BiE9DPJG3cd9%2Bdq6uwXMj9SLzjT26gZDOh3Z9cIJOcKYo4ZF757pzwAgnamqA1zor%2Bs0rmlcX2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76df97afbd01777a-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1669098375645&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669098375644.617386368&it=1669098375253&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 22 Nov 2022 06:26:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
ghb.adtelligent.com/geo/ 		152 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19318/hbw_master_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
78f41a9fa63f80a45ca282d8a5d85cbe5feaaaa73260e59f7f76093aa7f207d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:14 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://vsim.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
152
tracking
ghb.adtelligent.com/adunit/ 		43 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&pbjsv=v6.25.2&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=ru2t41.ps&features=81952&vpbv=N097&lifecycle_tte=3699
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19318/hbw_master_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:14 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://vsim.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=178301089580185&ev=fb_page_view&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1669098375701&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 22 Nov 2022 06:26:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
config.json
player.adtelligent.com/exchange_rates/306633/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
0ae6ea8e517e85f964ee85f332e8cb0492325f6296593f5eeb0f938ddb5e6b04

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 24 Nov 2022 06:26:15 GMT
date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 12:01:13 GMT
server
nginx
etag
W/"637b6889-3c29"
content-type
application/json
access-control-allow-origin
https://vsim.ua
cache-control
max-age=172800
x-proxy-cache
HIT
track
api.gravitec.media/api/stats/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=1706cf73-ef5d-46ca-b03c-4ccae8f8695b&utmb=94f97e88-a140-4810-86f9-ae57e16f3b9c&path=https%3A%2F%2Fvsim.ua%2F&referrer=
Requested by
Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
209.184.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:15 GMT
x-correlation-id
55f1c9761e91eec4abcb0b66827d3b2c
x-content-type-options
nosniff
referrer-policy
no-referrer
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1 ; mode=block
expires
0
collect
region1.analytics.google.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0CS1NTGGLB&gtm=2oeb90&_p=1795060305&_gaz=1&cid=329870092.1669098376&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669098375&sct=1&seg=0&dl=https%3A%2F%2Fvsim.ua%2F&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vsim.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CS1NTGGLB&cid=329870092.1669098376&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vsim.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CS1NTGGLB&cid=329870092.1669098376&gtm=2oeb90&aip=1&z=2125079005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login_button.php
www.facebook.com/v12.0/plugins/ Frame CA4D 		32 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe356901380b14%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff1c04a0c5f5f5dc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=9692ea57c05365e3fd7224931b72289e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f813f0124e753069f37cb78e03df733fcc6ffd3e773ba209d4289cde5223287
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Tue, 22 Nov 2022 06:26:15 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
7e+hFe7VWv8amePOZyz1I3RfIT/OXeTZGUvIsfts5vhfP2sX+2IwVuiFCwZ60Kjg5LOFqkik8QSsFlGDIdxOBA==
x-fb-rlafr
0
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-43975937-2&cid=329870092.1669098376&jid=369890895&gjid=1786606636&_gid=1371346703.1669098376&_u=YEBAAEAAAAQCACAAI~&z=395958232
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 22 Nov 2022 06:26:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vsim.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
76df979a8d3d06a6
vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 8903 		2 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsim.ua/cdn-cgi/challenge-platform/h/b/cv/result/76df979a8d3d06a6
Requested by
Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669089600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RXEuBm%2Fw6DqLj7Fyx77B%2FuoMqWA6ERFnoyBQwR1zSxsFsM2H%2FYwmGSvJqpKi9s2k38p3EDsMAKY77FoOK9uwjSUqI%2BruDAq%2FNK6oFA595xgGtNZLV%2Frg%2BwwOYxLfr%2F0tPI%2FWVB3"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
76df97b1cf22777a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
localstore.js
script.4dex.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csyncs
ghb.adtelligent.com/ 		649 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=517711
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19318/hbw_master_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3120d344fa1f9709c26a5751c756eba9e0f4a19710e0842f8a72ac9582b7326

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:15 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://vsim.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
352
fastlane.json
fastlane.rubiconproject.com/a/api/ 		319 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1790906&size_id=15&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=e4cbb508-838b-4d89-b211-5ca63600410d%5E1&rf=https%3A%2F%2Fvsim.ua%2F&tg_i.pbadslot=%2F45035109%2Fvsim_main_(300x250)%23div-gpt-ad-1591294340929-0&tk_flint=pbjs_lite_v6.25.2&x_source.tid=94eb4408-1f0a-42a6-a914-f407d83094ab&l_pb_bid_id=21c541946c2489&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F45035109%2Fvsim_main_(300x250)%23div-gpt-ad-1591294340929-0&slots=1&rand=0.15225522149116721
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2b0cab36eef67b0a04cb58fab9ba043426831095d32fe705f2f6d652725290d3

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vsim.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
319
expires
Wed, 17 Sep 1975 21:32:10 GMT
ROS
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.7077329279990474&e=300x250_0%3A300x250%2C300x400%2B1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A12...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.7077329279990474&e=300x250_0%3A300x250%2C300x400%2B1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x...
569 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.7077329279990474&e=300x250_0%3A300x250%2C300x400%2B1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.2&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=e4cbb508-838b-4d89-b211-5ca63600410d
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5048838007ff1b6b052c31125a8d0d0bfabac846c7b912d52592617acbf51397

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Tue, 22 Nov 2022 06:26:16 GMT
date
Tue, 22 Nov 2022 06:26:16 GMT
server
openresty
content-type
application/json
access-control-allow-origin
https://vsim.ua
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
569
x-sid
AMS-929

Redirect headers

date
Tue, 22 Nov 2022 06:26:16 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.7077329279990474&e=300x250_0%3A300x250%2C300x400%2B1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.2&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=e4cbb508-838b-4d89-b211-5ca63600410d
access-control-allow-origin
https://vsim.ua
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-929
/
ghb.adtelligent.com/v2/auction/ 		4 KB
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a0855c0931f7c8f94b63adf01e7677232a5b226aaadb0fa67719a23f94df4020

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Nov 2022 06:26:15 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://vsim.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
518
translator
hbopenbid.pubmatic.com/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vsim.ua
date
Tue, 22 Nov 2022 06:26:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://vsim.ua
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.2&cb=65509187749
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 06:26:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://vsim.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vsim.ua
date
Tue, 22 Nov 2022 06:26:16 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adreq
ads.servenobid.com/ 		537 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9242
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bd798a168344eb784763dd1165d66bc78ee6e6dcbf755715202f53bce07604b1

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://vsim.ua
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22379dc2df6b1c7e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.2%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238e46d1956228bb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2Fvsim_main_(300x250)%23div-gpt-ad-1591294340929-0%22%7D%7D%2C%7B%22id%22%3A%22398b7117e5bdda6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news8(1200x250)%23div-gpt-ad-1632837984961-0%22%7D%7D%2C%7B%22id%22%3A%224001b074dd589b8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news9(1200x250)%23div-gpt-ad-1632838225160-0%22%7D%7D%2C%7B%22id%22%3A%224192669e314f70d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news10(1200x250)%23div-gpt-ad-1632838267602-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e4cbb508-838b-4d89-b211-5ca63600410d%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3549afb22638fe468475f7d9e44afcca5039d53561562f8674a7405e4650985d

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rML50jAVM3R2pYhBcUs0Rgfm%2FSobWhkdxlq5lQAP2l5jcr6%2BxkksfG6Q1VKZ2dg7Jm230Sblg5zRDizM3513BD%2FugdzjeIIJIoBjfrcGUjpW713Yz5RiftWEsMmdyx%2BGsx%2BZek%2Fm"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vsim.ua
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76df97b25ab33607-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce4018383a88820acf8a0cd0028&pos=8a969ce4018383a88820acfb3bce002a&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a03b866917d9e033936308f05ecdbc58de24a422e6f7e8742ecbc6c6041909fc

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vsim.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce4018383a88820acf8a0cd0028&pos=8a969ce4018383a88820acfb3bce002a&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3b75921b41d4e07c85656f7276797a6a9e3b5982b64b5eaa1b9dbd5d2bfc7565

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vsim.ua
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce4018383a88820acf8a0cd0028&pos=8a969ce4018383a88820acfb3bce002a&cmd=bid&secure=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1e1a5d443d9d19fc1323f7a5702d6ee4d2f073e41295ecd58047613b3c229523

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vsim.ua
access-control-allow-credentials
true
content-length
62
bid
ap.lijit.com/rtb/ 		24 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5e392727f47fa50895f18b65a045759516919adf27f08a487abd777bb9175c4b

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Nov 2022 06:26:16 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://vsim.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
prebid.media.net/rtb/ 		311 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
51a983a5a2989b0dcd2e3948e8e71ca170cc39ea8cec837c7e9249d819452b98

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vsim.ua
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 22 Nov 2022 06:26:16 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		320 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&gdpr=0&eid_pubcid.org=e4cbb508-838b-4d89-b211-5ca63600410d%5E1&rf=https%3A%2F%2Fvsim.ua%2F&tg_i.pbadslot=%2F45035109%2Fvsim_main_(300x250)%23div-gpt-ad-1591294340929-0&tk_flint=pbjs_lite_v6.25.2&x_source.tid=94eb4408-1f0a-42a6-a914-f407d83094ab&l_pb_bid_id=54108203cad1e5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F45035109%2Fvsim_main_(300x250)%23div-gpt-ad-1591294340929-0&slots=1&rand=0.2989563896069014
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
98ff64ba49ed23c6e28c43ba615978cc239fbff88c46a57a601f505bf64131df

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vsim.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
320
expires
Wed, 17 Sep 1975 21:32:10 GMT
ruxaZoupmFj.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame CA4D 		323 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/ruxaZoupmFj.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe356901380b14%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff1c04a0c5f5f5dc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
x-content-type-options
nosniff
content-md5
mEtfkiuN8zERyZQcBN9jeg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
323
x-fb-rlafr
0
x-fb-debug
lqDgWjOGDCgqCGHLiEhZFo3F42901pXzlszpZcdgPuloe7JwNqlTW3nzz5I+PkI3RcRSDcb7p4RxUfJcIr8dWA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 17 Nov 2023 01:23:18 GMT
981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame E5A6 		0
0
getuid
eb2.3lift.com/ Frame 1621 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19318/hbw_master_306660_6693.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 22 Nov 2022 06:26:16 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=46572021-51e9-4f95-8b06-bc9d5e4d73bf
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=46572021-51e9-4f95-8b06-bc9d5e4d73bf
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:16 GMT
Server
Adtelligent
Etag
e71afaf6c8f74ff0
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=46572021-51e9-4f95-8b06-bc9d5e4d73bf
date
Tue, 22 Nov 2022 06:26:16 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Nov 2022 06:26:16 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
0.bundle.js
cdn.gravitec.net/modules/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/0.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:29 GMT
date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-2550"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
HIT
1.bundle.js
cdn.gravitec.net/modules/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/1.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:29 GMT
date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
W/"61fa486f-8092"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
REVALIDATED
Y9CijJOSg9l.js
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yj/l/uk_UA/ Frame CA4D 		543 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yj/l/uk_UA/Y9CijJOSg9l.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe356901380b14%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff1c04a0c5f5f5dc%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed34fee3df772e1fb993af9b572618d33b8152e9997a52e23a53b987ce22458e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9sEBSLAmJuo5l2Vdg3jkBA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145920
x-fb-rlafr
0
x-fb-debug
A1OW1hDxLv8sQOTiuTG4QekFOMmw3S2RPnnF9wfLgbqw69UkTdTbz4W/vYrPRmhccGgxY7xq0xQA9+9YyrjwCQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 17 Nov 2023 04:13:40 GMT
lato.woff2
cdn.gravitec.net/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/lato.woff2
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer
https://vsim.ua/
Origin
https://vsim.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:28 GMT
date
Tue, 22 Nov 2022 06:26:16 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-36dc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
content-length
14044
x-proxy-cache
HIT
sourcesanspro.woff2
cdn.gravitec.net/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer
https://vsim.ua/
Origin
https://vsim.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Wed, 02 Feb 2022 09:06:29 GMT
date
Tue, 22 Nov 2022 06:26:16 GMT
last-modified
Wed, 02 Feb 2022 09:01:35 GMT
server
nginx
etag
"61fa486f-1e44"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10
accept-ranges
bytes
content-length
7748
x-proxy-cache
HIT
/
www.facebook.com/tr/ Frame 5FEB 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://vsim.ua
Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://vsim.ua
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:16 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
362437226.jpeg
cdn.gravitec.net/images/users/1651162056492056576/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.gravitec.net/images/users/1651162056492056576/362437226.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 22 Nov 2022 06:26:16 GMT
last-modified
Wed, 05 Feb 2020 13:46:42 GMT
server
nginx
etag
"5e3ac742-e67"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3687
x-proxy-cache
HIT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vsim.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		172 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2703842664179630&correlator=1641918484849491&eid=31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%7C300x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=1&adks=978356717%2C2483578089%2C4059114074%2C1842437250&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1669098376414&lmt=1669098376&dlt=1669098374104&idt=1603&adxs=1092%2C204%2C204%2C204&adys=228%2C2021%2C6227%2C7878&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&psz=300x0%7C1192x250%7C1192x250%7C1192x250&msz=300x0%7C1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4%2C4&ohw=300%2C1192%2C1192%2C1192&ga_vid=329870092.1669098376&ga_sid=1669098376&ga_hid=1795060305&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73b6bc30a060a359ef816e7d8a238cc25d76e29219fb9bbcc309052a1ff568cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33234
x-xss-protection
0
google-lineitem-id
-1,6156913643,6144328779,6149125391
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138412956049,138413169234,138411031658
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vsim.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958c1e6db18a0ed88138d11fa821ec43f9e0439aa76f6179232bab438c7fca1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11258
x-xss-protection
0
container.html
3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6324 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:16 GMT
expires
Wed, 22 Nov 2023 06:26:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 06:26:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 073C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUbG0qKKaTzNojn1XelLCmtowbhKXUNJSQSQfyGucLlUE420ADS4t1mEe49AccdsiejKTmu_XBX2PQQF8I1NuCWv08Ak6ICMBna7NSAjFODjcYMRmsVWtFcFy1qrte96kKALt1_0OAQ7bxcXPhutUqwKDvoMfwiAg6WTEmBV3mzXiHkaexMfAd1MNvQOzYVf9XQvHWR9DQR6t_w3yV7HJ_9izm5xs-Dnh8casWodYCKOtkzye8TsAyfu6wbxsLu4tlJiUdy-2vaK702gUUdkCH_Pd89JIzeZxGjMCQtT7rvDZwbZehkhWOgOQ47wFdV-IIFYk&sai=AMfl-YS0uLrWgltvykIj-grG8mR9qdTGOvaERCow-DJ9TYFsI0la1mUhiiErH0pVRz2leAZL2Lqcy9S4GtACHnIpWehBEvQPTdagbiByApBFiORIASdImx5c3jT5BiVS7NsqY4ky1EBQXkXxw7wnLbnjU8o&sig=Cg0ArKJSzOAwdb4kyRNFEAE&uach_m=[UACH]&adurl=
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 06:26:16 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 073C 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 14:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 14:34:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 073C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 14:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57115
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 14:34:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 073C 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 06:26:17 GMT
834750850072511048
tpc.googlesyndication.com/simgad/ Frame 073C 		399 KB
399 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/834750850072511048
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
393a326c8895b4742406ce29bd0726009f57ef27e189146bb692b1d18d0e9ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:17 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
408355
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 09:08:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 22 Nov 2023 06:26:17 GMT
container.html
3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D2BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:16 GMT
expires
Wed, 22 Nov 2023 06:26:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 073C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6876f756038af6a0fbd5b5f564fe5c893098006abf3d891f81c52e7ef69c609b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A85 		624 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNW_VeYAQG9KxJ7oqx1Tb-OiE8M419eb1-CVENlTaNN5mt7s_b6-oIothGAuYQa1NHy3jvIZjBI53i9HMsJdBahzVGqcwa3FznHExdv7ZMfdO2AvKt9BnS0DgXfK1n2HJG7N4ZRcRRan_8DG1AtKA_UJX9_fRS42t-gubQ-xIgKa92y3x0c
Requested by
Host: 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
URL: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D2BC 		80 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClfQMajV7PqVB85hSRRnvWMA4ZiIzB0vo6H_jwxmuy9SICsR8NhGAOkvoEn3GQ6x805gWcT1M675MSC4P8uANfqWLFpg&cry=1&dbm_d=AKAmf-C7GV1SE7XtXTKhqtx0fAmD7Xjx67y8eMbp1ciOD6nPGBegI7V3ep7tOjAgZBsp4HvGLxvKZZK063pg-s54HEMHHXHWLosa2WnaG6zSG_ACdMNY7Ys-hii-hZrIClXnYHznprDx5meSmcKfouQIwqBWrDt-iRtSkxw2IjEx4FsBgE67Kz2HTMi3QYu9zmeesauSMOIYiSL7UbxjHyMUmI0DYWx_JA6yvEuXke0IJcy2tzz_2RrtbB24zvfyJAhR9CE9mSaOfnFbfk0ne3kPev98BZj4hOyATsCLy_pUjVtl2n1Gc4P4rOvDv8QTyUO7CnZofcW6cM9K7jSkJ7IkZPegi7-DOWjHFheiN5F3iN1KVAR2MuefhxFd4SP5bYkTfJ6BwH5a8xBCtzNTiATSO7Tqd2OQQHoxMj2o08wnkM9QV7exeFxlHakMhxXlvi76oUOnU7f7qcQg70qdDPhimipxvB2R9kRg5qqO9Gb-4lpn09B03LSQTxgjbH4Hv7CQrol8vJZGYuPNM8-mgQ6WImDkGsKksL-yyeTyGMCymbfQ7En6aLF0qfZnjWE1BrIxw_0oK3x6mjS3jbLmT67n3uMga5kTOxhS8-MDj0lrGtkiXcSeH3RYduuruP_oHZ9QupzuAczM-fHYAnbld3Apx7DiQ30VXsuSUbYLVT5yyHgMUv7_wc5vunk87JRvlm-s6Z_46nnZPYsaRVQmejcrZ7mJ4AEJS3M8jgljjjd1_z5Zc_yK_bIKCazy3181O79_SIlP8Ep8NLd7IhuSYYsUc0p-j97ErvW1lRYx92-cXsLdAyGABem3-i3BESawSTICrHwFpv2zWCJdXmDauX9up0h7QuYexXJvUtGV--TeXBaVHGiiyrfvz_0nEXQmSdgX3fc0Uuvtd8Jnr_ZecxvdI4nx0nqpWjzRWrv4uM29mVPDWpF9Tk_hxJdn1tq51fFce8DJrFO7rhUIxyFpwxTDwTthSz0VqJ4cEGrIswoJPwyiN-Vrhg1qMedFNvGF3NMTvGYWhf8uZGAcG_n8_Pcl14hbjLSbeKb7vWBgZJ07TufwyccQNQtS-eSrKE1TOBG1UqQ1Z13MhLZYO5W0zUGGNJEgcFKxvWGAXonEDTXBs0Qz1tBl5eGcJli8KmjkmuLoaXVggakD8iy1toLKkKVQeyucF3RzYe5g1AtxcA398-FDRO_1fPFrlwP743ESCbUadQGtwBGwHtBY3NeMAjyNiO-_278-NbvNWJXTVxk_pHYlcTh6QWD4a3MioUDVObYRyOXte6R7fYNYwQzGuus60bV0z7pp1tg87_OkId8E_fbAU2jpGaPmJ8jNQx6m7O5WAcAldPNw-rHqp-fBys1c2WZhPpRV6G3CKC6gVnAsYtEHdN31pOZAtxKlF00RgPUS9mJLuQg6NQsxTaP-RaNv-eq-mjO0OLA94Ic0NLW43M6CmVwtzrL4GOVBekacDjiYQUXCoGE7u3n3qW_l-pT8C7ImmAZS6glczaM95wwm1sbLEADskRyAqWb9p8H8VoYXY1D1p7nklWZCjUYdHkmPrO3xnSF00IZChla4GsZ-wMpfhVClYOixa9xGel8AsuLej76Q9MWN0AjHa42WmOEOVHcxAt0CCcFRjS38_d_BT7Zz9dKKloogc3dHtQOVGf97Zh-z51LkJko3iDp6R_jjxTcBG3HiKvJd0nqAXtncJ-rS4Vv_B0JRhL-WJ1qj3sdP8D-gq7QfLgV06fqvJfXF_AyRQslV0lVRH7EIt5-fkUPNQGQEMnQucO6FBXYPpjLA7Nfx-Kuie0a6OuZQX3zrG66Pbhi_97N5ak7ZRpmRZw4U66ygkyQDqZCepQuv8ZfY-fRj4RrwN3hIDxgb8G96UhLjHbd0VKJWsRmB_Azbdf1ShnkE5WAnHXY_Ybon877wBJcHEle0tFPcDVDDX7MT4E--ys9UNtF1y6eGhUXQDhFe0_lp7cP8P0JvkpDF7gYANHP60zpsMUuzv4WxIYXKaMNLVQONv-InmLySZfjCPjZJ39ZipEho9ygusNKY0LdQH3fjnTAlaT8FN3hIyhRbUn1Y-GyIelddKDk-H5Qknw0d_bWGubyvAMcHGhm4jEoMqR3CWkjhOHp6mjswP9jcQ_csAImDe9p4lBfsNxsvlNn3seezf3A4BP18R40C0WKlsiFFJkcXSt3pyaSzR8qFHAUXIY_4kw9hBMJI_YxiwwxdEquNTXDs0qlWqcjaSt5Pa56TKSMR1GL2ntMIoWTQoOYvK-Dg_i6hPgy4LKhyKXDd9FiyAyBQbuL1C_sOqpPUe1CPRcmYRTA7yMIZKS_1xilw0v9zRQ4I-RuIr_GSqGM0Ff7PipPmQ9iEGAd6VmSL6JXqGXGECNv9BW1poOA3HT1ch1o90WGv421zg7XrDRKLULoCZ-3g7fypXIRODZuqTonNVdAft48E8roUCarY_Wbae3pUj3WEORmtvUqQqLYuTWo-MRcmjQuH_QDmkfkmMeOcBe2IachheVn4TKIAs2QenRTNf0UwKBfAhpOZliD6SOuEXGM5IAo64RxJWkvcS4uWAExlyvocDEpIWvhdjsz6kETZsVQhywZ5YkY3SFiRDAuY92qje0Z8643uDmmMntvnF5HOgQQ9bShvHaCg_wCVJTxiaa7JanoUyO7Kir_k0Xh_pfh10Tw30NVOH6deqdxW3ZWVPPcTEIV3SPViTchi4sQPOJgj1v2S1lRDKJNh085HG0Wn-5acLE-87SigGSBszJoRunB4afUM6H1w3URVnBpsoVhCRe7c_Z3uMLU_tmSzWLAbKs43npQkSFqndjlVW0yY4Qzz5p64td5nP321eR5a9ZA8rrXgXwMBAxzUw8KoLTFR3n9G-8SLAhfagiXf9KD15-5BmA0KeixUT6Ah038JZRsylw9RkV8KbX1z5-6UmeepObQlUaCdJ2jo1xntcXhOeoeBYQETu4eN1lX0rWRUpJa1-C19aXttKRsZ8Rbu135YQwxn_vdqnf-hOwiwdUoa2VfIc8zcfAv0fXOlDRoBgdPz9slisDXZ7SjzhcSZDeNb-TssKGymIxg0CSes5btTcH61tgJF6Zb0iDEoUq-SVbY0EXgg90DhhlvtdMUmOMW3mBCfmOlZqNFXY-Kles-UsMX4uobL0oZ0MQVVfqr2zAsWoDhR4xSHC6wJ7Uw6P8q5ODShX6f_2C_GAfb5cb4OfZaG8AHOvJzJ3ot4rKOe6u6jTLp3uQC27KvBFwQSn4mCWZ7E2oXWUTxDr1B7VLQU7MkPify2yi-G31BoePhwzsBfI2L9wCES9rjtsAsULSO7fuxKgkCu9NITFVAOPN4si3jMBS7PLPe-Ct9qVHN0hHsjwb94P4BW7sxY6aGCOK4&cid=CAQSTADq26N9CwTAYyX0CEut_jeGfkOtHjC3lHewkrVO2d24Jxgo-Zvrr6fDkMLoqnYNYf9qRF_CbSqgASaomernL1hKrHsteuf1T2xA31EYASAT&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5cae1429ecba78b4197cb86f1d38898919f3b18ae0ba86aeee9d471b63fd554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34849
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0RkcoKi2LYwXwVa1GtQncLrQxKHlJQ6S4UZT2wImA_0xcEJJtrAaopD3k12lawvbcx83XI5UfV0eyBMYMbiuMh54OigtBeWin3zs1gTaQpJTjXQQ
Requested by
Host: 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
URL: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D2BC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
URL: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 14:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 14:34:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D2BC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
URL: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
53432
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 15:35:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D2BC 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
URL: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 06:26:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 073C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0EpS1WPMMLIxojm1hL-tro17dTDObvvme0oYl85jKfSba57sEc5fhEJ7Mze5s4lyTwv0M0Kn64qTQvk1eirGkcto82i_DivapZpg_FQXkuW82Q1dzF7Ou8Ri4Rl0n0urRRAWnIVY253gGTtSB1m5CgzxCFtg_-498wDVHE2rtPjPZVN-wUoMJhP0flzD3pQOPgqebfom_xCUGV46FABKO2MbfycaNsHnPXRiBCBP0uA6FmGpWOuGSu5Fkvg7gZ69_ixzhrd03QeMdOTmfb90MVKd_7YPe8LleAiA3_zJRgBZCg61qT1gE5MhAmii0VUv8C61pIQ&sai=AMfl-YSVX3eK4Bg2kqtTsL54FFcnD4qep2bJmoPLHAEJCTymEK_PKuQqzvF7YSLBVL5NKmesZvAiIZOFHErE77i4JuTPoPoko3eg_aK70UZCfFy9Hcts25Ltvdy7dnQAcvAJnziBoABAsW7in5k6uJPEuso&sig=Cg0ArKJSzCnA9lTQoirVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 06:26:17 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D2BC 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
Origin
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 08:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 08:38:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame D2BC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClfQMajV7PqVB85hSRRnvWMA4ZiIzB0vo6H_jwxmuy9SICsR8NhGAOkvoEn3GQ6x805gWcT1M675MSC4P8uANfqWLFpg&cry=1&dbm_d=AKAmf-C7GV1SE7XtXTKhqtx0fAmD7Xjx67y8eMbp1ciOD6nPGBegI7V3ep7tOjAgZBsp4HvGLxvKZZK063pg-s54HEMHHXHWLosa2WnaG6zSG_ACdMNY7Ys-hii-hZrIClXnYHznprDx5meSmcKfouQIwqBWrDt-iRtSkxw2IjEx4FsBgE67Kz2HTMi3QYu9zmeesauSMOIYiSL7UbxjHyMUmI0DYWx_JA6yvEuXke0IJcy2tzz_2RrtbB24zvfyJAhR9CE9mSaOfnFbfk0ne3kPev98BZj4hOyATsCLy_pUjVtl2n1Gc4P4rOvDv8QTyUO7CnZofcW6cM9K7jSkJ7IkZPegi7-DOWjHFheiN5F3iN1KVAR2MuefhxFd4SP5bYkTfJ6BwH5a8xBCtzNTiATSO7Tqd2OQQHoxMj2o08wnkM9QV7exeFxlHakMhxXlvi76oUOnU7f7qcQg70qdDPhimipxvB2R9kRg5qqO9Gb-4lpn09B03LSQTxgjbH4Hv7CQrol8vJZGYuPNM8-mgQ6WImDkGsKksL-yyeTyGMCymbfQ7En6aLF0qfZnjWE1BrIxw_0oK3x6mjS3jbLmT67n3uMga5kTOxhS8-MDj0lrGtkiXcSeH3RYduuruP_oHZ9QupzuAczM-fHYAnbld3Apx7DiQ30VXsuSUbYLVT5yyHgMUv7_wc5vunk87JRvlm-s6Z_46nnZPYsaRVQmejcrZ7mJ4AEJS3M8jgljjjd1_z5Zc_yK_bIKCazy3181O79_SIlP8Ep8NLd7IhuSYYsUc0p-j97ErvW1lRYx92-cXsLdAyGABem3-i3BESawSTICrHwFpv2zWCJdXmDauX9up0h7QuYexXJvUtGV--TeXBaVHGiiyrfvz_0nEXQmSdgX3fc0Uuvtd8Jnr_ZecxvdI4nx0nqpWjzRWrv4uM29mVPDWpF9Tk_hxJdn1tq51fFce8DJrFO7rhUIxyFpwxTDwTthSz0VqJ4cEGrIswoJPwyiN-Vrhg1qMedFNvGF3NMTvGYWhf8uZGAcG_n8_Pcl14hbjLSbeKb7vWBgZJ07TufwyccQNQtS-eSrKE1TOBG1UqQ1Z13MhLZYO5W0zUGGNJEgcFKxvWGAXonEDTXBs0Qz1tBl5eGcJli8KmjkmuLoaXVggakD8iy1toLKkKVQeyucF3RzYe5g1AtxcA398-FDRO_1fPFrlwP743ESCbUadQGtwBGwHtBY3NeMAjyNiO-_278-NbvNWJXTVxk_pHYlcTh6QWD4a3MioUDVObYRyOXte6R7fYNYwQzGuus60bV0z7pp1tg87_OkId8E_fbAU2jpGaPmJ8jNQx6m7O5WAcAldPNw-rHqp-fBys1c2WZhPpRV6G3CKC6gVnAsYtEHdN31pOZAtxKlF00RgPUS9mJLuQg6NQsxTaP-RaNv-eq-mjO0OLA94Ic0NLW43M6CmVwtzrL4GOVBekacDjiYQUXCoGE7u3n3qW_l-pT8C7ImmAZS6glczaM95wwm1sbLEADskRyAqWb9p8H8VoYXY1D1p7nklWZCjUYdHkmPrO3xnSF00IZChla4GsZ-wMpfhVClYOixa9xGel8AsuLej76Q9MWN0AjHa42WmOEOVHcxAt0CCcFRjS38_d_BT7Zz9dKKloogc3dHtQOVGf97Zh-z51LkJko3iDp6R_jjxTcBG3HiKvJd0nqAXtncJ-rS4Vv_B0JRhL-WJ1qj3sdP8D-gq7QfLgV06fqvJfXF_AyRQslV0lVRH7EIt5-fkUPNQGQEMnQucO6FBXYPpjLA7Nfx-Kuie0a6OuZQX3zrG66Pbhi_97N5ak7ZRpmRZw4U66ygkyQDqZCepQuv8ZfY-fRj4RrwN3hIDxgb8G96UhLjHbd0VKJWsRmB_Azbdf1ShnkE5WAnHXY_Ybon877wBJcHEle0tFPcDVDDX7MT4E--ys9UNtF1y6eGhUXQDhFe0_lp7cP8P0JvkpDF7gYANHP60zpsMUuzv4WxIYXKaMNLVQONv-InmLySZfjCPjZJ39ZipEho9ygusNKY0LdQH3fjnTAlaT8FN3hIyhRbUn1Y-GyIelddKDk-H5Qknw0d_bWGubyvAMcHGhm4jEoMqR3CWkjhOHp6mjswP9jcQ_csAImDe9p4lBfsNxsvlNn3seezf3A4BP18R40C0WKlsiFFJkcXSt3pyaSzR8qFHAUXIY_4kw9hBMJI_YxiwwxdEquNTXDs0qlWqcjaSt5Pa56TKSMR1GL2ntMIoWTQoOYvK-Dg_i6hPgy4LKhyKXDd9FiyAyBQbuL1C_sOqpPUe1CPRcmYRTA7yMIZKS_1xilw0v9zRQ4I-RuIr_GSqGM0Ff7PipPmQ9iEGAd6VmSL6JXqGXGECNv9BW1poOA3HT1ch1o90WGv421zg7XrDRKLULoCZ-3g7fypXIRODZuqTonNVdAft48E8roUCarY_Wbae3pUj3WEORmtvUqQqLYuTWo-MRcmjQuH_QDmkfkmMeOcBe2IachheVn4TKIAs2QenRTNf0UwKBfAhpOZliD6SOuEXGM5IAo64RxJWkvcS4uWAExlyvocDEpIWvhdjsz6kETZsVQhywZ5YkY3SFiRDAuY92qje0Z8643uDmmMntvnF5HOgQQ9bShvHaCg_wCVJTxiaa7JanoUyO7Kir_k0Xh_pfh10Tw30NVOH6deqdxW3ZWVPPcTEIV3SPViTchi4sQPOJgj1v2S1lRDKJNh085HG0Wn-5acLE-87SigGSBszJoRunB4afUM6H1w3URVnBpsoVhCRe7c_Z3uMLU_tmSzWLAbKs43npQkSFqndjlVW0yY4Qzz5p64td5nP321eR5a9ZA8rrXgXwMBAxzUw8KoLTFR3n9G-8SLAhfagiXf9KD15-5BmA0KeixUT6Ah038JZRsylw9RkV8KbX1z5-6UmeepObQlUaCdJ2jo1xntcXhOeoeBYQETu4eN1lX0rWRUpJa1-C19aXttKRsZ8Rbu135YQwxn_vdqnf-hOwiwdUoa2VfIc8zcfAv0fXOlDRoBgdPz9slisDXZ7SjzhcSZDeNb-TssKGymIxg0CSes5btTcH61tgJF6Zb0iDEoUq-SVbY0EXgg90DhhlvtdMUmOMW3mBCfmOlZqNFXY-Kles-UsMX4uobL0oZ0MQVVfqr2zAsWoDhR4xSHC6wJ7Uw6P8q5ODShX6f_2C_GAfb5cb4OfZaG8AHOvJzJ3ot4rKOe6u6jTLp3uQC27KvBFwQSn4mCWZ7E2oXWUTxDr1B7VLQU7MkPify2yi-G31BoePhwzsBfI2L9wCES9rjtsAsULSO7fuxKgkCu9NITFVAOPN4si3jMBS7PLPe-Ct9qVHN0hHsjwb94P4BW7sxY6aGCOK4&cid=CAQSTADq26N9CwTAYyX0CEut_jeGfkOtHjC3lHewkrVO2d24Jxgo-Zvrr6fDkMLoqnYNYf9qRF_CbSqgASaomernL1hKrHsteuf1T2xA31EYASAT&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
52545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 15:50:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D2BC 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClfQMajV7PqVB85hSRRnvWMA4ZiIzB0vo6H_jwxmuy9SICsR8NhGAOkvoEn3GQ6x805gWcT1M675MSC4P8uANfqWLFpg&cry=1&dbm_d=AKAmf-C7GV1SE7XtXTKhqtx0fAmD7Xjx67y8eMbp1ciOD6nPGBegI7V3ep7tOjAgZBsp4HvGLxvKZZK063pg-s54HEMHHXHWLosa2WnaG6zSG_ACdMNY7Ys-hii-hZrIClXnYHznprDx5meSmcKfouQIwqBWrDt-iRtSkxw2IjEx4FsBgE67Kz2HTMi3QYu9zmeesauSMOIYiSL7UbxjHyMUmI0DYWx_JA6yvEuXke0IJcy2tzz_2RrtbB24zvfyJAhR9CE9mSaOfnFbfk0ne3kPev98BZj4hOyATsCLy_pUjVtl2n1Gc4P4rOvDv8QTyUO7CnZofcW6cM9K7jSkJ7IkZPegi7-DOWjHFheiN5F3iN1KVAR2MuefhxFd4SP5bYkTfJ6BwH5a8xBCtzNTiATSO7Tqd2OQQHoxMj2o08wnkM9QV7exeFxlHakMhxXlvi76oUOnU7f7qcQg70qdDPhimipxvB2R9kRg5qqO9Gb-4lpn09B03LSQTxgjbH4Hv7CQrol8vJZGYuPNM8-mgQ6WImDkGsKksL-yyeTyGMCymbfQ7En6aLF0qfZnjWE1BrIxw_0oK3x6mjS3jbLmT67n3uMga5kTOxhS8-MDj0lrGtkiXcSeH3RYduuruP_oHZ9QupzuAczM-fHYAnbld3Apx7DiQ30VXsuSUbYLVT5yyHgMUv7_wc5vunk87JRvlm-s6Z_46nnZPYsaRVQmejcrZ7mJ4AEJS3M8jgljjjd1_z5Zc_yK_bIKCazy3181O79_SIlP8Ep8NLd7IhuSYYsUc0p-j97ErvW1lRYx92-cXsLdAyGABem3-i3BESawSTICrHwFpv2zWCJdXmDauX9up0h7QuYexXJvUtGV--TeXBaVHGiiyrfvz_0nEXQmSdgX3fc0Uuvtd8Jnr_ZecxvdI4nx0nqpWjzRWrv4uM29mVPDWpF9Tk_hxJdn1tq51fFce8DJrFO7rhUIxyFpwxTDwTthSz0VqJ4cEGrIswoJPwyiN-Vrhg1qMedFNvGF3NMTvGYWhf8uZGAcG_n8_Pcl14hbjLSbeKb7vWBgZJ07TufwyccQNQtS-eSrKE1TOBG1UqQ1Z13MhLZYO5W0zUGGNJEgcFKxvWGAXonEDTXBs0Qz1tBl5eGcJli8KmjkmuLoaXVggakD8iy1toLKkKVQeyucF3RzYe5g1AtxcA398-FDRO_1fPFrlwP743ESCbUadQGtwBGwHtBY3NeMAjyNiO-_278-NbvNWJXTVxk_pHYlcTh6QWD4a3MioUDVObYRyOXte6R7fYNYwQzGuus60bV0z7pp1tg87_OkId8E_fbAU2jpGaPmJ8jNQx6m7O5WAcAldPNw-rHqp-fBys1c2WZhPpRV6G3CKC6gVnAsYtEHdN31pOZAtxKlF00RgPUS9mJLuQg6NQsxTaP-RaNv-eq-mjO0OLA94Ic0NLW43M6CmVwtzrL4GOVBekacDjiYQUXCoGE7u3n3qW_l-pT8C7ImmAZS6glczaM95wwm1sbLEADskRyAqWb9p8H8VoYXY1D1p7nklWZCjUYdHkmPrO3xnSF00IZChla4GsZ-wMpfhVClYOixa9xGel8AsuLej76Q9MWN0AjHa42WmOEOVHcxAt0CCcFRjS38_d_BT7Zz9dKKloogc3dHtQOVGf97Zh-z51LkJko3iDp6R_jjxTcBG3HiKvJd0nqAXtncJ-rS4Vv_B0JRhL-WJ1qj3sdP8D-gq7QfLgV06fqvJfXF_AyRQslV0lVRH7EIt5-fkUPNQGQEMnQucO6FBXYPpjLA7Nfx-Kuie0a6OuZQX3zrG66Pbhi_97N5ak7ZRpmRZw4U66ygkyQDqZCepQuv8ZfY-fRj4RrwN3hIDxgb8G96UhLjHbd0VKJWsRmB_Azbdf1ShnkE5WAnHXY_Ybon877wBJcHEle0tFPcDVDDX7MT4E--ys9UNtF1y6eGhUXQDhFe0_lp7cP8P0JvkpDF7gYANHP60zpsMUuzv4WxIYXKaMNLVQONv-InmLySZfjCPjZJ39ZipEho9ygusNKY0LdQH3fjnTAlaT8FN3hIyhRbUn1Y-GyIelddKDk-H5Qknw0d_bWGubyvAMcHGhm4jEoMqR3CWkjhOHp6mjswP9jcQ_csAImDe9p4lBfsNxsvlNn3seezf3A4BP18R40C0WKlsiFFJkcXSt3pyaSzR8qFHAUXIY_4kw9hBMJI_YxiwwxdEquNTXDs0qlWqcjaSt5Pa56TKSMR1GL2ntMIoWTQoOYvK-Dg_i6hPgy4LKhyKXDd9FiyAyBQbuL1C_sOqpPUe1CPRcmYRTA7yMIZKS_1xilw0v9zRQ4I-RuIr_GSqGM0Ff7PipPmQ9iEGAd6VmSL6JXqGXGECNv9BW1poOA3HT1ch1o90WGv421zg7XrDRKLULoCZ-3g7fypXIRODZuqTonNVdAft48E8roUCarY_Wbae3pUj3WEORmtvUqQqLYuTWo-MRcmjQuH_QDmkfkmMeOcBe2IachheVn4TKIAs2QenRTNf0UwKBfAhpOZliD6SOuEXGM5IAo64RxJWkvcS4uWAExlyvocDEpIWvhdjsz6kETZsVQhywZ5YkY3SFiRDAuY92qje0Z8643uDmmMntvnF5HOgQQ9bShvHaCg_wCVJTxiaa7JanoUyO7Kir_k0Xh_pfh10Tw30NVOH6deqdxW3ZWVPPcTEIV3SPViTchi4sQPOJgj1v2S1lRDKJNh085HG0Wn-5acLE-87SigGSBszJoRunB4afUM6H1w3URVnBpsoVhCRe7c_Z3uMLU_tmSzWLAbKs43npQkSFqndjlVW0yY4Qzz5p64td5nP321eR5a9ZA8rrXgXwMBAxzUw8KoLTFR3n9G-8SLAhfagiXf9KD15-5BmA0KeixUT6Ah038JZRsylw9RkV8KbX1z5-6UmeepObQlUaCdJ2jo1xntcXhOeoeBYQETu4eN1lX0rWRUpJa1-C19aXttKRsZ8Rbu135YQwxn_vdqnf-hOwiwdUoa2VfIc8zcfAv0fXOlDRoBgdPz9slisDXZ7SjzhcSZDeNb-TssKGymIxg0CSes5btTcH61tgJF6Zb0iDEoUq-SVbY0EXgg90DhhlvtdMUmOMW3mBCfmOlZqNFXY-Kles-UsMX4uobL0oZ0MQVVfqr2zAsWoDhR4xSHC6wJ7Uw6P8q5ODShX6f_2C_GAfb5cb4OfZaG8AHOvJzJ3ot4rKOe6u6jTLp3uQC27KvBFwQSn4mCWZ7E2oXWUTxDr1B7VLQU7MkPify2yi-G31BoePhwzsBfI2L9wCES9rjtsAsULSO7fuxKgkCu9NITFVAOPN4si3jMBS7PLPe-Ct9qVHN0hHsjwb94P4BW7sxY6aGCOK4&cid=CAQSTADq26N9CwTAYyX0CEut_jeGfkOtHjC3lHewkrVO2d24Jxgo-Zvrr6fDkMLoqnYNYf9qRF_CbSqgASaomernL1hKrHsteuf1T2xA31EYASAT&rfl=1%2Chttps%253A%252F%252Fvsim.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:51:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
52500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 15:51:17 GMT
rum
dsum-sec.casalemedia.com/ Frame 9A85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNW_VeYAQG9KxJ7oqx1Tb-OiE8M419eb1-CVENlTaNN5mt7s_b6-oIothGAuYQa1NHy3jvIZjBI53i9HMsJdBahzVGqcwa3FznHExdv7ZMfdO2AvKt9BnS0DgXfK1n2HJG7N4ZRcRRan_8DG1AtKA_UJX9_fRS42t-gubQ-xIgKa92y3x0c
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 9A85
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3xriXKz9flSJU7JTR71JQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNW_VeYAQG9KxJ7oqx1Tb-OiE8M419eb1-CVENlTaNN5mt7s_b6-oIothGAuYQa1NHy3jvIZjBI53i9HMsJdBahzVGqcwa3FznHExdv7ZMfdO2AvKt9BnS0DgXfK1n2HJG7N4ZRcRRan_8DG1AtKA_UJX9_fRS42t-gubQ-xIgKa92y3x0c
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECTiWKOs9QJ8U09j4oOiRt8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9A85
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELOIxHSVcUWl2ArLFKEoSnc&google_cver=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELOIxHSVcUWl2ArLFKEoSnc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNW_VeYAQG9KxJ7oqx1Tb-OiE8M419eb1-CVENlTaNN5mt7s_b6-oIothGAuYQa1NHy3jvIZjBI53i9HMsJdBahzVGqcwa3FznHExdv7ZMfdO2AvKt9BnS0DgXfK1n2HJG7N4ZRcRRan_8DG1AtKA_UJX9_fRS42t-gubQ-xIgKa92y3x0c
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:17 GMT
AN-X-Request-Uuid
119bbe8d-cfe4-46a1-8b7b-3accdf05b9fc
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELOIxHSVcUWl2ArLFKEoSnc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9A85
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk1NjU4OTYzNjc5MzM4OTg2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk1NjU4OTYzNjc5MzM4OTg2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNW_VeYAQG9KxJ7oqx1Tb-OiE8M419eb1-CVENlTaNN5mt7s_b6-oIothGAuYQa1NHy3jvIZjBI53i9HMsJdBahzVGqcwa3FznHExdv7ZMfdO2AvKt9BnS0DgXfK1n2HJG7N4ZRcRRan_8DG1AtKA_UJX9_fRS42t-gubQ-xIgKa92y3x0c
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:17 GMT
AN-X-Request-Uuid
eb01b8b1-cb42-4b12-abdb-10535c9d3e04
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk1NjU4OTYzNjc5MzM4OTg2NQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D2BC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
URL: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 21:12:01 GMT
truncated
/ Frame D2BC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b46415d4c7062555023e1136680dad462d3d5c66a0fcea388707906288638c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AF62 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
553613
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 20:39:24 GMT
expires
Wed, 15 Nov 2023 20:39:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
multitracking
ghb.adtelligent.com/adunit/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19318/hbw_master_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://vsim.ua
Date
Tue, 22 Nov 2022 06:26:16 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame AF62 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Nov 2023 19:05:41 GMT
index.html
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 5351 		105 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8698e0af340a8d0d5fcb29c4926c8a0fa99ec23afac95d7aa3c3ab95ed546ca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
399038
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22371
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 15:35:39 GMT
expires
Fri, 17 Nov 2023 15:35:39 GMT
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D2BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWfxUePi-UKWK80YKLxkxEhNcQy5JZtt_E2hJbY8b7HeLftMxxt7tzkfQTEgiZML5joVvRM8Wimj-VxuNMaA1QJ2oMo5iXjau8Yi5sGY81r-uYWU2aXPVzUdeUMpeqzkF8Ao6tkavTn0B1mhkSZOT6htBKBWCGODcbNraD86aFGa_fTB0OPt66y2YVlMXWCKyJM89BL-2ou9huaUs2V91LOB4sLy6DUlnGyG6B7w8bY76faqgCP0N5Y2ikNRE4uy-NoThZS3792c6xQMjiK_UN3PYz-mgOrfybX6eTmnzS_wED4KoUeTAYJPw9toQN2oahE1dXwk95Wep6F69ZRzP3wKcTgUbf-_l3dium68iUeHLH_D2la2T6hZIDRXhfr2BAw5oHgedFIc2pMyhz9nyWWDk9Sl0k8FVs7V1iRQWYkYJRgMZ_99rKdv72jRC0h2osJgXfQBnpj4SOw2XwlGF7vVnt5fgpWKVevL4pwL1yzfD0wI1lqJ4Nqi8iXhRRs0uSpUFeBH-eO-VG24LudtPk_NjfE3q0SYLbBkUkBCnL23g3ryknUkLXXNNb_X0UMkyEC7CP-oDOFIpHR1KWdPLNF9MPqqMeiuQqJelsPwE6ZD47_mCH1lI9KLgle41ttOW2VAwfroqLgUL18uZJ0zld5hh-5vLEe1zURsB5pgoTK-9tKWoNksJqYkKkNuetq0znqdi3nCtkaX9L6hAgWlu7ZgMuRcyNpux8z8KEDL-e6lI1PUuHINXT9ghQwmY8hZXNCeSA1WnTZ2EscOIeRltOhnaSiKGExImPXB2iRKvWVmHasaQFWu213w-Opj0MhYcEZ5zpgOUQOF32B7Nxg5msuivducSoFBF9r1aViDwTZsSr2JXPB4mQUuwxp2jaEVRYlOyv3SUb6XcCGfabtINHJKxrSiE-ceiX6N3Cjb4iyAs9F7Y02H5FDjzM0oQ-_lwWXzfPUb8HBTvC2mTiu7JfRvfKlDtqaiGKC7ghltExg8SFSoWYjcpfA018Le4IyG3wgzYNPkiZDUB-U2raJZTEHw4Z1BNmV0TeMFRVENd0Ufb_SUv2zpW1VKKLJpsX1FpAZyKN5FUzucA5gaR8LyDV9-9kFP-O_YfX5NEtHiKsC_6KfuDc3CXvao-nCImRdKHhA0qg6oPh36TFzYAZxWjZeMNpzXXprKKMXpI-LOAkJZ8OMH9oeueFTuiAriNRJfyqMtRHsz5OGerOtAs3QAeycJalVc1ccrT5DAtnbUonh3ciCCJA_a2xLrDf&sai=AMfl-YTrenwo3o5562hlWObF7JTHJsCrNELBv6TK5xcudsBAHy0MQ3fzm8ldCZWAHApzzug8oafuL1FUu8Rjau0Q4GWUrbG54_hsJdDkmWGY1tA28SrYDBOPDaOuY5V4cNKykHb_KiZ9omPzE-0mOhSUUKfQxFBWdd6LCGShyAELNiuoCtgTg_wjVOPpgyY0qAkPZVu5UL-P56PUGgPbWFP6VGKve2RE_Uow3ZN01Hmi9ToXS0wdg0W7g_Y_Qv84-3_pf9SzKhJMTWiZvnFSjBBnPhv-NE_m1R_7eCeMtvfDpYt4tWNQIbsgGctLBzDVFs8Y&sig=Cg0ArKJSzG4MPVVA48jUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=187&cisv=r20221110.61293&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Nov 2022 06:26:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 06:26:17 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:26:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AF62 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT4-ViWt8Y-DDC4jQ7_UP6ZeAsA8AAAAAOAHgBAI&bg=!0dKl0pbNAAbvMpMzzzI7ACkAdvg8Wn-X-vQUrhvb3PBO05kndWNWFx5QtlO-PHF7L6AdJfWrR8ziSAIAAABEUgAAAAJoAQeZAt-8rWC4Dn5_poxmRbguNmSfGFHUDdVCbNhvURyhdu5PaYBdZv1CK5WjCUMBJFoFge57gIPJE0MaEUhbZVGGqrSasmfzBeGO5BmfIYBuEz5C9zSC1LJ5Cr9GysfYm59FWoVja_HQvOVxzF6NQZhMiLULLpBBW_Dgw9HGd-OkDO13gKuZtkZLW53-Ei9dU7jbWbJV40DZvYWu6oY-o04rxqoinS5DGSt62JsKqV4h7DHANOQ4WgmeT35LOJIaIfZgPJU7WEoiiFiMJNEZQ-dXITR20R_ddCTYFyQKPjJdJB3lf_ZA75sCZsoY1y8XKI1dnPFsVOd-zcZJDtqcrn8Qwjnaq2jykfYHvj3aWvrzbVcin1Zag5mGWfFj27qCrnzKO3ssI8i0cTB0L8h5UKNRiLIMEXPn7xtUvs3ywp5QulLmdfqnVf4N-GT-HjsN_YuRGu9tgxTgZIxlr6Bh64BVvOWpenrNBfUdFDkYs-CDJ9Xxaxh69ercQ6jEQhCvl4TmORq3Yu31Ekt-9m-SpG1GYSBaAsBhOo4Mk6HIgY6ZsQzgbUzbD8wFwvFxzKq17ml4F2IKHY3h8ASw6pf8-1x8qq7nPs0oOVkjcRLvTmseG748qGbyIZ_pa3E6oMLOKLVK6C_JbSx48ChI-bjOIT1L5r8O8uzzKF6hr3gpKhEMWiKtStTSdaSr93oDVkcLHhDa4BS4BUX0nJ4nyjV9fUQ3iXksuDSyrYzb8LY0RcWwYYCUjTU0lmPQpen4YCTvIgVzw7SJAkNbA7-550vBKbW9EBg5lhnZDdJZbqKu9c0pOQ73aP8q7volZl8U60KjTJcQw2pbGYjj1jMCdiZXBO29pHv2ylwzAXRfMAOeM9sfL-DLeBRZ2jBn_puVGjI2PvI_8BcfVJh8cP4bjmwcG1ID2Di4Yo3f5rZVjkw4QBv6vyhW4qcCBT1BSXSd-tN8frbO7GfW6aT9TUHlncC4N0HrxUM
Requested by
Host: 3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
URL: https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 5351 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500,700,regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 06:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Nov 2022 06:26:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Nov 2022 06:26:17 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 5351 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 05:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 05:27:08 GMT
syncframe
gum.criteo.com/ Frame 304A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vsim.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:17 GMT
server
Kestrel
server-processing-duration-in-ticks
727022
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Nov 2022 06:26:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5351 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
49285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5351 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
411997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:59:40 GMT
sid
mug.criteo.com/ Frame 304A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=vsim.ua&sn=ChromeSyncframe&so=0&topUrl=vsim.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=y_TMB3xPWjRsbHkrc0tTWWdIb2ZaU1B3b2wvdFowMnpPcWNSNVRpWW9TZzZwQWNYVmRiNHA4ME5RQ3BpTkZLYVpkUlhkMVB5M2VrY3dSa3llc3JMRVNlT3FCYklWNUlGcHBqcUtVU2RKYUl3SnhOY3Q5V0I3T1dwcURqSk...
425 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=y_TMB3xPWjRsbHkrc0tTWWdIb2ZaU1B3b2wvdFowMnpPcWNSNVRpWW9TZzZwQWNYVmRiNHA4ME5RQ3BpTkZLYVpkUlhkMVB5M2VrY3dSa3llc3JMRVNlT3FCYklWNUlGcHBqcUtVU2RKYUl3SnhOY3Q5V0I3T1dwcURqSkNWc3ZzeG5Ca0VNVlZudFFVWTgrbi84UkdpSFdiWS9rMTdmUzlqU3h0OTlYUlh4aEQvQmdwTmhkMFRhY1Vnam5HZDdOa2tBSDNZSjRZZFY4Sm1ZRDZ0TWhGOS9xcDQzeVVweXVmT1ROWHhJRkVSc3k3NTY1L0NhUzRlMnNiTzFBVFp0TVh3bU53Y0xqRjJRZDdVYlo2YUUraXUwRU0xdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fe6c063db07a468e112cf17a10f6bb3167725ac0142692cfae994a680f635101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2442013
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=y_TMB3xPWjRsbHkrc0tTWWdIb2ZaU1B3b2wvdFowMnpPcWNSNVRpWW9TZzZwQWNYVmRiNHA4ME5RQ3BpTkZLYVpkUlhkMVB5M2VrY3dSa3llc3JMRVNlT3FCYklWNUlGcHBqcUtVU2RKYUl3SnhOY3Q5V0I3T1dwcURqSkNWc3ZzeG5Ca0VNVlZudFFVWTgrbi84UkdpSFdiWS9rMTdmUzlqU3h0OTlYUlh4aEQvQmdwTmhkMFRhY1Vnam5HZDdOa2tBSDNZSjRZZFY4Sm1ZRDZ0TWhGOS9xcDQzeVVweXVmT1ROWHhJRkVSc3k3NTY1L0NhUzRlMnNiTzFBVFp0TVh3bU53Y0xqRjJRZDdVYlo2YUUraXUwRU0xdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
718301
content-length
0
expires
0
TS-Online-EN.png
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 5351 		628 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/TS-Online-EN.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:08:29 GMT
x-content-type-options
nosniff
age
407868
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643563
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 13:08:29 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 5351 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/BitdefenderLogo_white-_2_.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 15:21:54 GMT
x-content-type-options
nosniff
age
399863
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 15:21:54 GMT
OP_20Ans_Ban_300x250_Vec.jpg
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 5351 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/OP_20Ans_Ban_300x250_Vec.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948e0d491c3ed599c53000e9fc76ba69d80e4664b032f1a2c24b97a3cefb2a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 15:35:40 GMT
x-content-type-options
nosniff
age
399037
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16284
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 15:35:40 GMT
OP_20Ans_Ban_300x250_Vec_F3.jpg
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 5351 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/OP_20Ans_Ban_300x250_Vec_F3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332128bf7a7e69712b8ddb874d77735abbf071e1bfa47695102025080fd04762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 13:41:38 GMT
x-content-type-options
nosniff
age
233079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10125
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 13:41:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D2BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWfxUePi-UKWK80YKLxkxEhNcQy5JZtt_E2hJbY8b7HeLftMxxt7tzkfQTEgiZML5joVvRM8Wimj-VxuNMaA1QJ2oMo5iXjau8Yi5sGY81r-uYWU2aXPVzUdeUMpeqzkF8Ao6tkavTn0B1mhkSZOT6htBKBWCGODcbNraD86aFGa_fTB0OPt66y2YVlMXWCKyJM89BL-2ou9huaUs2V91LOB4sLy6DUlnGyG6B7w8bY76faqgCP0N5Y2ikNRE4uy-NoThZS3792c6xQMjiK_UN3PYz-mgOrfybX6eTmnzS_wED4KoUeTAYJPw9toQN2oahE1dXwk95Wep6F69ZRzP3wKcTgUbf-_l3dium68iUeHLH_D2la2T6hZIDRXhfr2BAw5oHgedFIc2pMyhz9nyWWDk9Sl0k8FVs7V1iRQWYkYJRgMZ_99rKdv72jRC0h2osJgXfQBnpj4SOw2XwlGF7vVnt5fgpWKVevL4pwL1yzfD0wI1lqJ4Nqi8iXhRRs0uSpUFeBH-eO-VG24LudtPk_NjfE3q0SYLbBkUkBCnL23g3ryknUkLXXNNb_X0UMkyEC7CP-oDOFIpHR1KWdPLNF9MPqqMeiuQqJelsPwE6ZD47_mCH1lI9KLgle41ttOW2VAwfroqLgUL18uZJ0zld5hh-5vLEe1zURsB5pgoTK-9tKWoNksJqYkKkNuetq0znqdi3nCtkaX9L6hAgWlu7ZgMuRcyNpux8z8KEDL-e6lI1PUuHINXT9ghQwmY8hZXNCeSA1WnTZ2EscOIeRltOhnaSiKGExImPXB2iRKvWVmHasaQFWu213w-Opj0MhYcEZ5zpgOUQOF32B7Nxg5msuivducSoFBF9r1aViDwTZsSr2JXPB4mQUuwxp2jaEVRYlOyv3SUb6XcCGfabtINHJKxrSiE-ceiX6N3Cjb4iyAs9F7Y02H5FDjzM0oQ-_lwWXzfPUb8HBTvC2mTiu7JfRvfKlDtqaiGKC7ghltExg8SFSoWYjcpfA018Le4IyG3wgzYNPkiZDUB-U2raJZTEHw4Z1BNmV0TeMFRVENd0Ufb_SUv2zpW1VKKLJpsX1FpAZyKN5FUzucA5gaR8LyDV9-9kFP-O_YfX5NEtHiKsC_6KfuDc3CXvao-nCImRdKHhA0qg6oPh36TFzYAZxWjZeMNpzXXprKKMXpI-LOAkJZ8OMH9oeueFTuiAriNRJfyqMtRHsz5OGerOtAs3QAeycJalVc1ccrT5DAtnbUonh3ciCCJA_a2xLrDf&sai=AMfl-YTrenwo3o5562hlWObF7JTHJsCrNELBv6TK5xcudsBAHy0MQ3fzm8ldCZWAHApzzug8oafuL1FUu8Rjau0Q4GWUrbG54_hsJdDkmWGY1tA28SrYDBOPDaOuY5V4cNKykHb_KiZ9omPzE-0mOhSUUKfQxFBWdd6LCGShyAELNiuoCtgTg_wjVOPpgyY0qAkPZVu5UL-P56PUGgPbWFP6VGKve2RE_Uow3ZN01Hmi9ToXS0wdg0W7g_Y_Qv84-3_pf9SzKhJMTWiZvnFSjBBnPhv-NE_m1R_7eCeMtvfDpYt4tWNQIbsgGctLBzDVFs8Y&sig=Cg0ArKJSzG4MPVVA48jUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=760&vt=11&dtpt=570&dett=3&cstd=187&cisv=r20221110.61293&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: vsim.ua
URL: https://vsim.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 06:26:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D2BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvA59K6ss8GZ082IsokJsZYAqFyzECurORLe-_oT2fUA4SJTQBlwY5OVWerrPwaciQPYL-Dyl1rOT7B8FmVeVrbHrJWdQmzIosVfNs6ka_mGjG0SpDy8R_1ZLJ2e21m82O4yr4TeQ&sai=AMfl-YRlEU49rVemmmATsqsaCUhQmjpgMS9gwtGWDStCXFpLOB6T0n7GFtpjOIQSY5R5-UzBDnkAGrLScJnmpNAe3ryhmEaDv7JDCox8inQskmiAtavHRvuynJhinwY35Dib5hclj0MJs6iYcxKsH93r&sig=Cg0ArKJSzF8_QHvtTPvpEAE&cid=CAQSTADq26N9CwTAYyX0CEut_jeGfkOtHjC3lHewkrVO2d24Jxgo-Zvrr6fDkMLoqnYNYf9qRF_CbSqgASaomernL1hKrHsteuf1T2xA31EYASAT&id=lidar2&mcvt=1000&p=228,1092,478,1392&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=978356717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669098376899&rpt=454&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4180 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:24:53 GMT
expires
Wed, 22 Nov 2023 06:24:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E1D6 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f4ab9326b5b29cbbb862e13f625ad9347305bc9831f8130afa2946e224ec90a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rYQFhccoRWFv7f0x_GnDhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-rYQFhccoRWFv7f0x_GnDhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:18 GMT
expires
Tue, 22 Nov 2022 06:26:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 4180 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 19:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Nov 2023 19:05:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E1D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2703842664179630&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4180 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FpBeZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://vsim.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://vsim.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
318097
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=WOjZkHxodDM5VmtPWnhqN2FlUmt5NTZmcDFaZmVmNEc0cnZZNUJiRjNPcHE0NVJWNDBuc0xmWHhsS3dMbVByMXphRi93Sm95UE5aTWpVR3V5Q1hMR2cyK05jME9LYm5Mb0c3WkRJRngyNFh5ZjlrS2k4M1MyaDNqa2dHK1...
423 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WOjZkHxodDM5VmtPWnhqN2FlUmt5NTZmcDFaZmVmNEc0cnZZNUJiRjNPcHE0NVJWNDBuc0xmWHhsS3dMbVByMXphRi93Sm95UE5aTWpVR3V5Q1hMR2cyK05jME9LYm5Mb0c3WkRJRngyNFh5ZjlrS2k4M1MyaDNqa2dHK1ltUlYzU2hydWk5K0lRWTVKME0wVWJjWXRsS1JORlRLRFZ1U3NIQStrdzcwVWpTZDMrcExhQ1hGbFVnaDhtODdHcXUzYlhGN1Mwa29laEI3S3RuazlJR0Y4T2JCdTlzS2tNOVFhN1loWlFORS9JMCtGNXpBWWtwWGFzOUtxZ2VJU2pWK3A1OVdDcHJFbGk2RGRKWXFVVzRRcVo2dlJWZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
790ba5981afee1ce7ae6cffa105cbb3ebd2a0f89822499dfbf91d2dbe6f630d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1836703
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=WOjZkHxodDM5VmtPWnhqN2FlUmt5NTZmcDFaZmVmNEc0cnZZNUJiRjNPcHE0NVJWNDBuc0xmWHhsS3dMbVByMXphRi93Sm95UE5aTWpVR3V5Q1hMR2cyK05jME9LYm5Mb0c3WkRJRngyNFh5ZjlrS2k4M1MyaDNqa2dHK1ltUlYzU2hydWk5K0lRWTVKME0wVWJjWXRsS1JORlRLRFZ1U3NIQStrdzcwVWpTZDMrcExhQ1hGbFVnaDhtODdHcXUzYlhGN1Mwa29laEI3S3RuazlJR0Y4T2JCdTlzS2tNOVFhN1loWlFORS9JMCtGNXpBWWtwWGFzOUtxZ2VJU2pWK3A1OVdDcHJFbGk2RGRKWXFVVzRRcVo2dlJWZz09fA&cppv=2
access-control-allow-origin
https://vsim.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
559444
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vsim.ua
date
Tue, 22 Nov 2022 06:26:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame 4E74 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D4E1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=115682
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 48BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1669098376125&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 203C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
50212
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 21 Nov 2022 16:29:28 GMT
etag
W/"02a59c9399d935f64b331e61178d2c9f"
last-modified
Mon, 14 Nov 2022 16:28:27 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id
kRH2rSNBk8c11cMm4930ALf3XJNf5QNkdNlekZgtaJGfCo3NgsB00Q==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:9114884f-60db-4078-afb1-cde242f68696
x-amz-meta-codebuild-content-md5
3d437d58b8bd54e8a0e378e97cd0e39f
x-amz-meta-codebuild-content-sha256
85fe75fc3aebfc86893a7760fc0ac12e3ff269743874600311aae7eb8917fccd
x-cache
Hit from cloudfront
/
spl.zeotap.com/ Frame 9F28 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1644eb5e050ac6e83cc29ac8f5f8e13ecd872ab01e7aec67010b28e7071dc62

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://vsim.ua
cf-cache-status
DYNAMIC
cf-ray
76df97c7fc6e776d-LHR
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
server
cloudflare
vary
Origin
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame C2F5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
853
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76df97c7ef0c54e2-MAN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
Tue, 22 Nov 2022 10:26:19 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7FB2 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU816538&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f4cdf8eb55088438c1717a479c9f44fe7ea913728199a6b4c09508514f92b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7825
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
Thu, 24 Nov 2022 06:26:19 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame FFC6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://vsim.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 06:26:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2703842664179630&bg=!YGOlYyfNAAbvMpMzzzI7ACkAdvg8WhH0IbDV4tCQ1iu5b4lYhLUN9Ayt5VXMsyrHc3CfsYTmmQ4O9AIAAABlUgAAAANoAQcKAICxNpNxT8VC152LeXcMWIsZ_GdP5Qhb4nl6cSgj2PZpTQDOyaZfCB7irNqtYDQC2hJrrVXMzASumSIyVKIsiH8vzFMMPgQu4Qo_R1TncDVeOKTVUgKLGMQwXWaCfO8u_pcDeuT0LKrYCYiu8y1jM9Y1M_hHjpznPNT9TSRB2JeNQpkCndDYn1xyHrPXI5zmFPcOsouH5XsLXc5ysxxIN5q849zxDLpOFvCuNXDgQOul9U3bfiKQAjz5DjhfeHGD3giAwMd4jHZjdnzIZHNDsNCv3_KYaAsYZDZl_Nk-MMaL6Ph2ApK0bDVv5jbalb-0ORL7bNrFw9fmgDg2E0eeb49ArScMQZu2FPEVVAo4Rf6IitAtvE9a0vbQ2cL_X-YV9DX6goONH9Q9ZY6r16aEszfPY2sGBbBo0JfD-36YBXeH0zaAQeN4w6vvAUGKJO35btMXyBapbQxcOdvjUA9kHMNsO5HQJ0tGVc3N4gmKHSH1U3mBrB7AY5xqwxcpprcWAVGYrc2SpyMllM3_HRbF1zdeSDklxcFKNlU5zhaTV0bE5NR_AF675qIZbQMGSk1jJGER1RezqJ9vDo0DeHTjWc6u2XpAh5cspLFuytA2U81Sz_rKVtT6nVP5Jcaxk6znFMg_Vdw1K15tHaFwRr50gEwgocBH_oAKbmMH6vSqpIOp320TZ1o80K_Z5oUDpPyI61T2H8dSANQ8puBX19BHEMt9nQw5D9iOZ9ObfVxLz2YSWcyEA_yLhhoRAVofNim0IrfiSCFqCqyS1mJ95hnvaeISdok_bdigis7yMNQ897StSSqWKlIaFCWJ_IWrrkME_X4BZd6qFYY2PVWe5tr1a47TwZm--cLe6nDrTyExBD7PxMQys6UtW7G2WIN1JYFsn06C9S9Au3hdW72zlJVrbikIkqb1idmJYPAEahG37KPBNV_p1VqpC3uRr0bdi1T7c1pDA59lvvXNhmOMI3cASingyoFm4PJyfF2pspwcMSI3C-4cO5CuCPVUFvHjtpqVtx8J3cP9Osa-t7xey5m1erM68-NQbtJBVMvd9673Zld9oA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vsim.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
6528f3918454b93ba3ebaca124855a7c3cc9ec052c2349ff12ba49ba81e0ef32
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vsim.ua
date
Tue, 22 Nov 2022 06:26:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WOjZkHxodDM5VmtPWnhqN2FlUmt5NTZmcDFaZmVmNEc0cnZZNUJiRjNPcHE0NVJWNDBuc0xmWHhsS3dMbVByMXphRi93Sm95UE5aTWpVR3V5Q1hMR2cyK05jME9LYm5Mb0c3WkRJRngyNFh5ZjlrS2k4M1MyaDNqa2dHK1ltUlYzU2hydWk5K0lRWTVKME0wVWJjWXRsS1JORlRLRFZ1U3NIQStrdzcwVWpTZDMrcExhQ1hGbFVnaDhtODdHcXUzYlhGN1Mwa29laEI3S3RuazlJR0Y4T2JCdTlzS2tNOVFhN1loWlFORS9JMCtGNXpBWWtwWGFzOUtxZ2VJU2pWK3A1OVdDcHJFbGk2RGRKWXFVVzRRcVo2dlJWZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 22 Nov 2022 06:26:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
583137
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame A622 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b569689df7130b183a84409741c25fbf387f694966fbf4bb29325eebb3349f38

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76df97c8adea000a-MAN
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FJhrF6KR3Ke7iJjF1BE%2FeUihbMzV2aRPon7aPyUJM4J9lvhl4%2B5FM%2FiDP1Pnqx0hKTvxt95InfPfYsKwBsoI58Siuq8j4682579XNhQ%2BEtt%2FjQc7qYUE%2FQV4pUt9l57eiAI6xO6%2BXsQ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
getuid
ib.adnxs.com/ Frame 9F28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 9F28 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=f20149ad-1a48-4ab1-9dbe-f1a52680f612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f20149ad-1a48-4ab1-9dbe-f1a52680f612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97c9ee11776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=f20149ad-1a48-4ab1-9dbe-f1a52680f612&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 9F28 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 9F28 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f05710b-71ee-444c-48e3-281599c01723%26reqId%3D976d067f-5f79-43d5-6f70-6d04fd71bccf%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 9F28 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1669098380.684851,VS0,VE8
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4244-LON
u
dmp.v.fwmrm.net/ad/ Frame 9F28 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f01:4121:4821:f664:be Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d06...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97c99dc6776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
date
Tue, 22 Nov 2022 06:26:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=d390ceff-c1c9-418e-954e-3499d68cf197&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d390ceff-c1c9-418e-954e-3499d68cf197&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cb2f27776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=d390ceff-c1c9-418e-954e-3499d68cf197&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7f05710b-71ee-444c-48e3-281599c01723&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7f05710b-71ee-444c-48e3-281599c01723&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=27109401904770783323610277520197772849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=27109401904770783323610277520197772849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97ca7e87776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v045-0f7e0a58c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
XAGsk66hS1g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=27109401904770783323610277520197772849&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 9F28 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7168722951630747787&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-...
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7168722951630747787&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97c99dc5776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7168722951630747787&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Date
Tue, 22 Nov 2022 06:26:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 9F28 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=7f05710b-71ee-444c-48e3-281599c01723
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7f05710b-71ee-444c-48e3-281599c01723&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=7f05710b-71ee-444c-48e3-281599c01723&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=ZUHdjeJjSaiOAYDoukjtC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=ZUHdjeJjSaiOAYDoukjtC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cb4f47776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 google
last-modified
Tue, 22 Nov 2022 06:26:19 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=ZUHdjeJjSaiOAYDoukjtC.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cb4f49776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
date
Tue, 22 Nov 2022 06:26:19 GMT
content-length
0
tpid=7f05710b-71ee-444c-48e3-281599c01723
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 9F28 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7f05710b-71ee-444c-48e3-281599c01723?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.100.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-100-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.227
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-ne9Exh5E2orvpKzEa8YfZ4IMjldV8cdrBg--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-ne9Exh5E2orvpKzEa8YfZ4IMjldV8cdrBg--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cb5f5c776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-ne9Exh5E2orvpKzEa8YfZ4IMjldV8cdrBg--~A&zpartnerid=570&env=mWeb
date
Tue, 22 Nov 2022 06:26:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=icWJ9R5CXzD3o%2BzrkmOzB9zsUgIoecwY%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=icWJ9R5CXzD3o%2BzrkmOzB9zsUgIoecwY%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cb4f42776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=icWJ9R5CXzD3o%2BzrkmOzB9zsUgIoecwY%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 9F28 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=7f05710b-71ee-444c-48e3-281599c01723&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 9F28 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.4.228 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n019-dub-prod.krxd.net
date
Tue, 22 Nov 2022 06:26:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=56 t=1669098379
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 9F28 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=7f05710b-71ee-444c-48e3-281599c01723&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/png
date
Tue, 22 Nov 2022 06:26:20 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3xriwAJ5lscNwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d0...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3xriwAJ5lscNwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cb8f83776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-lcy-eglc8600021-LCY
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1669098380.975076,VS0,VE79
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y3xriwAJ5lscNwAT&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f...
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.b7319be3-5a7f-49e0-9dc1-4e9497624c99&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.b7319be3-5a7f-49e0-9dc1-4e9497624c99&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cbefc9776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.b7319be3-5a7f-49e0-9dc1-4e9497624c99&zdid=1361
cache-control
must-revalidate, no-store, no-cache
content-length
0
x-amz-cf-id
oPZ_LniW6o_8Z-ZBBghNoS7z8Zg4PnARyN8ZlXmkLqaunPHfpl9oeQ==
expires
-1
usermatch.gif
beacon.krxd.net/ Frame 9F28
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71...
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.246.4.228 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n010-dub-prod.krxd.net
date
Tue, 22 Nov 2022 06:26:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1669098381
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
date
Tue, 22 Nov 2022 06:26:20 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a018-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9F28
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7f05710b-71ee-444c-48e3-281599c01723&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7f05710b-71ee-444c-48e3-281599c01723&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7f05710b-71ee-444c-48e3-281599c01723&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CJ7Z7D53D2X5EN13NZPG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GGYGWZNY7W4XB5QNPJD4
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=7f05710b-71ee-444c-48e3-281599c01723&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 9F28 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=7f05710b-71ee-444c-48e3-281599c01723&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-166.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D7f057...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cc8839776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
date
Tue, 22 Nov 2022 06:26:20 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=7f05710b-71ee-444c-48e3-281599c01723&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c0...
  • https://mwzeom.zeotap.com/mw?cid=LARU2TGV-B-BNSO&env=mWeb&zpartnerid=1770&gdpr=0
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LARU2TGV-B-BNSO&env=mWeb&zpartnerid=1770&gdpr=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cbffd5776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LARU2TGV-B-BNSO&env=mWeb&zpartnerid=1770&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 9F28
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=7f05710b-71ee-444c-48e3-281599c01723&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=e235c23e-ae15-4462-a703-6e980a92b2b2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71e...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=e235c23e-ae15-4462-a703-6e980a92b2b2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cbdfc7776d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=e235c23e-ae15-4462-a703-6e980a92b2b2&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
date
Tue, 22 Nov 2022 06:26:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 9F28 		95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
76df97cb9f93776d-LHR
access-control-allow-headers
*
content-length
95
usync.js
eus.rubiconproject.com/ Frame FFC6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 22:30:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57871
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 22:30:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D4E1 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77581710&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5198e1fb993a19c9e8dbc988eaf22fa351f3314700f4a76392dbc1b15a7a3c48

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
13926
g2.gumgum.com/usync/ Frame 9228 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.123.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-123-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6795f2aa61d4bee691e1f5ff4c64962dacd10cba72ad371f449259574e9f122e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
W/"03ee5bd51142c9ebb1b720951b2270c0a"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 85BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 4EA0 		657 B
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
59c6c59c417887b5c9ca336d869a7af00b17e75b79062440d6a6fef76064ec86

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
657
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
usermatch
ssum-sec.casalemedia.com/ Frame EF86 		2 KB
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63e6fa8f859179df5de04d03d064d25d659fc1b11e9ca1c60f96baf697225a2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76df97c8bdfd000a-MAN
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZYGzItpz%2Bvhzv6%2F7gYr21Ab3h04omx8bBLhOgB2X9uoKPp4r0R0WrIzkk2IDMq3%2BRoq4wCo8vx7WudFDtGtQt2UNABZO5its%2B%2BpvucfnixItSsmGPMFrRCyXIQ2q0btGqbwi9oqHR8MSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EAFC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 06:26:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5521 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=115682
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame F765 		0
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-id
nN5dxcotHsnKSy8KLVseD5DG9HAotoOmTYB8UcnieCCocXTVqRhzVg==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 203C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2956589636793389865
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2956589636793389865
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
AN-X-Request-Uuid
d5132aed-a23f-4da0-bac7-945ae790483b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=2956589636793389865
Connection
keep-alive
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 203C
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=FsUCvBZHsW3IC6z2Quawi1D9
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FsUCvBZHsW3IC6z2Quawi1D9
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FsUCvBZHsW3IC6z2Quawi1D9
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 203C 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Nov 2022 06:26:19 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame 203C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1669098379720
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7103442912
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7103442912
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
RX3cae951e44ea46f4bc0c5f865a31779c003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7103442912
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 203C
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210822471222507
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210822471222507
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210822471222507
Date
Tue, 22 Nov 2022 06:26:19 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 203C 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-58
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 203C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=c88fa57e-361f-4da1-9afe-e5707d1bca6b&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=c88fa57e-361f-4da1-9afe-e5707d1bca6b&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=c88fa57e-361f-4da1-9afe-e5707d1bca6b&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 203C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 203C
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-722d943b-d41b-3e93-a769-2010ee5a012a
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-722d943b-d41b-3e93-a769-2010ee5a012a
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-722d943b-d41b-3e93-a769-2010ee5a012a
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:20 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 203C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
692.json
id5-sync.com/g/v2/ 		216 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463638/hb_306660_6693.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
d86ac2eb2ac280cbb39a4c2d656bbe064fc9e049c8c13e783d5b6b09d3b69e6a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vsim.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vsim.ua
date
Tue, 22 Nov 2022 06:26:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
casale
match.adsrvr.org/track/cmf/ Frame A622 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame A622
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RM3W4DJ5HAG6980FRJV8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RHAP5GH1BPNEA68TEFCY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A622
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ1H03CClWGGLioAg4wNwUU&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ1H03CClWGGLioAg4wNwUU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzZaTOPFlaL1rLm4i8OQXApBoEvgcz4NZ3sGXDTt5gZ9nxb9wFzbYWOaPo5Q9PfCM4hSSUkgXTeNWgL7rCr2N9lG9VXGtZQfaMockhCKAv%2FlMvBGJ0olURO89ktEmtELzobOJG7Dzu%2Bcbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76df97c9f8bbb2f3-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ1H03CClWGGLioAg4wNwUU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y3xriXKz9flSJU7JTR71JgAADRMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A622 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3xriXKz9flSJU7JTR71JgAADRMAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
indexexchange
sync.adotmob.com/cookie/ Frame A622 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_128_GCM
Server
185.183.112.155 Paris, France, ASN60350 (VP, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame A622
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522214306720
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522214306720
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522214306720
Date
Tue, 22 Nov 2022 06:26:19 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
demconf.jpg
dpm.demdex.net/ Frame A622
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y3xriXKz9flSJU7JTR71JgAA%263347?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3xriXKz9flSJU7JTR71JgAA%263347
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3xriXKz9flSJU7JTR71JgAA%263347
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
176.34.205.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-205-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Rx8PsM/EQQQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0cc0feb7f.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
taNvoChdTUI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y3xriXKz9flSJU7JTR71JgAA%263347
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame A622
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=rvvnn5sS1OXmJB5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=rvvnn5sS1OXmJB5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-00370ec4fddf661ef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=rvvnn5sS1OXmJB5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame A622 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y3xriXKz9flSJU7JTR71JgAA%263347
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
28614
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76df97c9ed75e58f-MAN
content-length
43
expires
Wed, 23 Nov 2022 06:26:19 GMT
crum
dsum-sec.casalemedia.com/ Frame EF86
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2956589636793389865
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2956589636793389865
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
AN-X-Request-Uuid
2649f775-d93c-4fda-82a7-7fdc2c8ee4be
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2956589636793389865
Connection
keep-alive
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EF86
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=948e637c-6b8c-4d00-830e-ac687041833f
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=948e637c-6b8c-4d00-830e-ac687041833f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
MT3 169 32252b7 master nrt-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=948e637c-6b8c-4d00-830e-ac687041833f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Nov 2022 06:26:19 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame EF86 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.173.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-173-47.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EF86
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y3xriwAAAC4NiwA7
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3xriwAAAC4NiwA7&_test=Y3xriwAAAC4NiwA7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3xriwAAAC4NiwA7&_test=Y3xriwAAAC4NiwA7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-lcy-eglc8600021-LCY
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669098380.938126,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y3xriwAAAC4NiwA7&_test=Y3xriwAAAC4NiwA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame EF86
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624917709708
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624917709708
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624917709708
Date
Tue, 22 Nov 2022 06:26:19 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Y3xriXKz9flSJU7JTR71JgAADRMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EF86 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y3xriXKz9flSJU7JTR71JgAADRMAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame EF86
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EXPQ7W6G0SQW3H5WZN3J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N94VGWG65TV6J1WJGED1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame EF86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame EF86 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y3xriXKz9flSJU7JTR71JgAADRMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
match
c1.adform.net/serving/cookie/ Frame 27B1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3137
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:610b637c-6b8c-4100-9798-9f27156ec81c&gdpr=0&gdpr_consent=
42 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:610b637c-6b8c-4100-9798-9f27156ec81c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
Tue, 22 Nov 2022 06:26:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master nrt-pixel-x15 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:610b637c-6b8c-4100-9798-9f27156ec81c&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 2EF6
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4282803907331353629
42 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4282803907331353629
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4282803907331353629
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1686
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
Tue, 22 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1775082
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AE3C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
F5W863YEESTSB7ZA3MJT

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Nov 2022 06:26:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K8YXVASENA9S3BZNESBQ
Pug
simage2.pubmatic.com/AdServer/ Frame 7DC2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2956589636793389865&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2956589636793389865&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
39fa5b05-c6d2-45e4-805e-9ad01a27a9d8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Nov 2022 06:26:19 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2956589636793389865&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame CC83
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ
42 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1872
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7168722951631337611&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7168722951631337611&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 22 Nov 2022 06:26:19 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7168722951631337611&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
adx
match.prod.bidr.io/cookie-sync/ Frame 3496
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEbFkwN0ctTmNBQUJfYWVldjZMQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.173.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-173-47.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
gunicorn
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 061D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=efHenMQeRiJLOGH2afUxedmKxGM
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=efHenMQeRiJLOGH2afUxedmKxGM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Nov 2022 06:26:20 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=efHenMQeRiJLOGH2afUxedmKxGM
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6DE9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3xriwAAALHDgQAW
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1405
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 22 Nov 2022 06:26:19 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
5673
x-served-by
cache-lcy-eglc8600021-LCY
x-timer
S1669098380.938136,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3xriwAAALHDgQAW
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lcy-eglc8600021-LCY
x-timer
S1669098380.824304,VS0,VE79
/
csync.loopme.me/ Frame 4E7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame DD1C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76df97cb1f91e678-LHR
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76df97c9eea2e678-LHR
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
635
pub
matching.truffle.bid/sync/ Frame 33DF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 030F 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-ab83a23802c7@version_1.531
X-core-time
0ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame C6DC
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1669098379758
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7356187750
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7356187750
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 22 Nov 2022 06:26:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
RX3cae951e44ea46f4bc0c5f865a31779c003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7356187750
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
image2.pubmatic.com/AdServer/ Frame 9275
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=f4bbc926189eba4319345ea9d6478370&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjYjhXnbYbVShQhYQ
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjYjhXnbYbVShQhYQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjYjhXnbYbVShQhYQ
bridge
cm.adgrx.com/ Frame 0AD7 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D4E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VcRM5rfrS8SA5DOeKWppKA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=115682
accept-ranges
bytes
content-length
5549
expires
Wed, 23 Nov 2022 14:34:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7434637c-6b8c-4f00-b591-c63af60e8402
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7434637c-6b8c-4f00-b591-c63af60e8402
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
MT3 169 32252b7 master nrt-pixel-x4 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7434637c-6b8c-4f00-b591-c63af60e8402
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Nov 2022 06:26:19 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3cb2e13158bdb3d/gdpr=0/ Frame D4E1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3cb2e13158bdb3d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3cb2e13158bdb3d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.195.100.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-100-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.205
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3cb2e13158bdb3d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVDNDRDRTYtQjdFQi00QkM0LTgwRTQtMzM5RTI5NkE2OTI4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM4ZYq7cKuE9XdzQZnO6F5I&google_cver=1
42 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM4ZYq7cKuE9XdzQZnO6F5I&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM4ZYq7cKuE9XdzQZnO6F5I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D4E1 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 21 Nov 2022 06:26:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8219110578663417217
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8219110578663417217
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8219110578663417217
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame D4E1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a6a3f141-db91-47ba-baba-6cb258be1869&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e235c23e-ae15-4462-a703-6e980a92b2b2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e235c23e-ae15-4462-a703-6e980a92b2b2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e235c23e-ae15-4462-a703-6e980a92b2b2&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 22 Nov 2022 06:26:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
55C44CE6-B7EB-4BC4-80E4-339E296A6928
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D4E1 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/55C44CE6-B7EB-4BC4-80E4-339E296A6928?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bMnFuKVE2uXL4XPYMJ97j8lqi2ekYL0-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bMnFuKVE2uXL4XPYMJ97j8lqi2ekYL0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bMnFuKVE2uXL4XPYMJ97j8lqi2ekYL0-~A&gdpr=0&gdpr_consent=
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame D4E1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=55C44CE6-B7EB-4BC4-80E4-339E296A6928&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D4E1 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:18 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7340088740799050681&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7340088740799050681&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7340088740799050681&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9acebe15-93d0-422d-ae54-bf821aca8123&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9acebe15-93d0-422d-ae54-bf821aca8123&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9acebe15-93d0-422d-ae54-bf821aca8123&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 22 Nov 2022 06:26:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame D4E1
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2956589636793389865
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2956589636793389865
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 06:26:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
AN-X-Request-Uuid
bbe8ae27-5ce7-4fee-9e13-bbffef0c69f0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2956589636793389865
Connection
keep-alive
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame FFC6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FFC6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cIu1SYUfTrGd2vY7GgVBmg&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cIu1SYUfTrGd2vY7GgVBmg&gdpr=0
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cIu1SYUfTrGd2vY7GgVBmg&gdpr=0
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YGQK96GM1SBSHW539Z34
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cIu1SYUfTrGd2vY7GgVBmg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FFC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdmMDBmNTdmYjFkNGU4M2Y3MjM1OTA3OTlkNzVmYWFkZDRiOTFmNQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdmMDBmNTdmYjFkNGU4M2Y3MjM1OTA3OTlkNzVmYWFkZDRiOTFmNQ&gdpr=0
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdmMDBmNTdmYjFkNGU4M2Y3MjM1OTA3OTlkNzVmYWFkZDRiOTFmNQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame FFC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARU2TGV-B-BNSO&gdpr=0
0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARU2TGV-B-BNSO&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B0E408477C334A1182F0D8B481125532 Ref B: LTSEDGE0917 Ref C: 2022-11-22T06:26:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXuCUALJscgKPayyf7inw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARU2TGV-B-BNSO&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame FFC6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-csYTgU_SbiCUo8JgLVDBQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-csYTgU_SbiCUo8JgLVDBQ&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-csYTgU_SbiCUo8JgLVDBQ&gdpr=0
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AMJFRT5CECVRD96MNWDZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-csYTgU_SbiCUo8JgLVDBQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FFC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSVTJUR1YtQi1CTlNP&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSVTJUR1YtQi1CTlNP&gdpr=0
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSVTJUR1YtQi1CTlNP&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FFC6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OPg_5BXgm91NUqVazo0Y6g?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2925166907955467664
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2925166907955467664
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 22 Nov 2022 06:26:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2925166907955467664
content-length
0
tap.php
pixel.rubiconproject.com/ Frame FFC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECRC4QltFFfhQgY-hJrhDhw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECRC4QltFFfhQgY-hJrhDhw&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECRC4QltFFfhQgY-hJrhDhw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2956589636793389865
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2956589636793389865
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:19 GMT
AN-X-Request-Uuid
bc0b1d41-106d-4691-8269-fb07c69a566d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=2956589636793389865
Connection
keep-alive
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_22ec855e-2700-4ab5-9218-bb11357f84fa&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_22ec855e-2700-4ab5-9218-bb11357f84fa&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e0e6f463-1591-4f86-8913-208893a78ba2&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=e235c23e-ae15-4462-a703-6e980a92b2b2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=e235c23e-ae15-4462-a703-6e980a92b2b2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=e235c23e-ae15-4462-a703-6e980a92b2b2
date
Tue, 22 Nov 2022 06:26:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-afddb1d3-1504-4144-4140-bee54711dc34$ip$217.138.196.99
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-afddb1d3-1504-4144-4140-bee54711dc34$ip$217.138.196.99
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-afddb1d3-1504-4144-4140-bee54711dc34$ip$217.138.196.99
Date
Tue, 22 Nov 2022 06:26:20 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_22ec855e-2700-4ab5-9218-bb11357f84fa&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=lhRhJT_kvTnTIFLHTpZm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23DIKJUEUVC7NN3FI3SUJFDEYSCUOBNG2...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=lhRhJT_kvTnTIFLHTpZm&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=lhRhJT_kvTnTIFLHTpZm&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=lhRhJT_kvTnTIFLHTpZm&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9228
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5494976850
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5494976850
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
RX3cae951e44ea46f4bc0c5f865a31779c003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5494976850
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=ibpGGaz9adT1&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=ibpGGaz9adT1&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=ibpGGaz9adT1&ev=1&pid=558355
content-language
en-GB
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6794d6fb46-6vbn8
expires
-1
cookie-sync
sync.outbrain.com/ Frame 9228
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_22ec855e-2700-4ab5-9218-bb11357f84fa&obuid=ENC(Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DZ89_TIpvmYvE2IHgulFyC...
  • https://sync.outbrain.com/cookie-sync?p=criteo&uid=2a97cd70-2dc5-435b-aefb-4bbead8e8e58&obUid=Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSN...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=2a97cd70-2dc5-435b-aefb-4bbead8e8e58&obUid=Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
no-cache
X-TraceId
00fd4ced02139ea0179ef24b06ea49f1
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:20 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.outbrain.com/cookie-sync?p=criteo&uid=2a97cd70-2dc5-435b-aefb-4bbead8e8e58&obUid=Z89_TIpvmYvE2IHgulFyCb-HJ-mvCZ8daaWRrA8vY9pC70Ekg2DMjXkF5S5MPEuW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=GUMGU18H7EL9NI653I7DPEH51
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1370362
content-length
0
expires
Tue, 22 Nov 2022 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=62ee2027-aa47-45cc-87e3-4a84055ee7d6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=62ee2027-aa47-45cc-87e3-4a84055ee7d6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 22 Nov 2022 06:26:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=62ee2027-aa47-45cc-87e3-4a84055ee7d6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 9228 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f23a0d78-6d5f-42d4-b0f9-7a31a2ccef14
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f23a0d78-6d5f-42d4-b0f9-7a31a2ccef14
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f23a0d78-6d5f-42d4-b0f9-7a31a2ccef14
Date
Tue, 22 Nov 2022 06:26:20 GMT
Connection
keep-alive
X-CI-RTID
d583417c-44e2-4044-89a1-4cfb75525c6a
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 9228 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
892937715
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9228 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:20 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=89da22a7-8a8e-4951-b376-63d1372d85f8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=89da22a7-8a8e-4951-b376-63d1372d85f8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=89da22a7-8a8e-4951-b376-63d1372d85f8
access-control-allow-origin
*
date
Tue, 22 Nov 2022 06:26:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 9228
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3424312399685321405
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3424312399685321405
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 06:26:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3424312399685321405
date
Tue, 22 Nov 2022 06:26:18 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9228 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_22ec855e-2700-4ab5-9218-bb11357f84fa
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
0.gif
id5-sync.com/i/495/ Frame F067
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 22 Nov 2022 06:26:20 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 06:26:21 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B6D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=115682
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 23 Nov 2022 14:34:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame F0C9 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 22 Nov 2022 06:26:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame D164
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=7dd9637c-6b8c-4100-8b89-a786fa776570&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=7dd9637c-6b8c-4100-8b89-a786fa776570&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
Tue, 22 Nov 2022 06:26:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master nrt-pixel-x14 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=7dd9637c-6b8c-4100-8b89-a786fa776570&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 39AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y3xriwAJ5lscNwAT
  • https://usersync.gumgum.com/usersync?b=atm&i=Y3xriwAJ5lscNwAT&gdpr=0&gdpr_consent=&_test=Y3xriwAJ5lscNwAT
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y3xriwAJ5lscNwAT&gdpr=0&gdpr_consent=&_test=Y3xriwAJ5lscNwAT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y3xriwAJ5lscNwAT&gdpr=0&gdpr_consent=&_test=Y3xriwAJ5lscNwAT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lcy-eglc8600021-LCY
x-timer
S1669098380.940832,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame C87E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMmVjODU1ZS0yNzAwLTRhYjUtOTIxOC1iYjExMzU3Zjg0ZmE=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame FB48
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=2956589636793389865&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=2956589636793389865brt51591669098379980988f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=2956589636793389865brt51591669098379980988f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 22 Nov 2022 06:26:19 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=2956589636793389865brt51591669098379980988f1
usersync
usersync.gumgum.com/ Frame F21A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y3xrjMCo5s8AADmUF4sAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y3xrjMCo5s8AADmUF4sAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Nov 2022 06:26:20 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y3xrjMCo5s8AADmUF4sAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
40
X-SO-HostName
m-ad232.dc4p.scaleout.jp
X-SO-IP
217.138.196.99
X-SO-Key
Y3xrjMCo5s8AADmUF4sAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":40,"gdpr":true,"ipv4":"0.0.0.0","key":"Y3xrjMCo5s8AADmUF4sAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad232"}
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad232
gumgum
cs.admanmedia.com/sync/ Frame 6A69 		0
0
usersync
usersync.gumgum.com/ Frame 9B7F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y3xriXKz9flSJU7JTR71JgAA%263347
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y3xriXKz9flSJU7JTR71JgAA%263347
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76df97c9f8c0b2f3-MAN
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y3xriXKz9flSJU7JTR71JgAA%263347
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwF4y3G%2BzpfEPFtabzTUDjtHFL9LCjTaFrmu3liQ2iK3eUHy1hvoA5pGgykkJ6dOMAnLQ4LwtMgj2CPhD19O829lImzEBCEwI950byc4oSgaOH%2BOVObs9CI6qzhjwwKGJ2WeEe2chPnhSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 962E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=dzAvl8ok9QbcoKoF7EKp&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=dzAvl8ok9QbcoKoF7EKp&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 06:26:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT Tue, 22 Nov 2022 06:26:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=dzAvl8ok9QbcoKoF7EKp&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 3798
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 06:26:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 06:26:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 4EA0 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1338930667365696073&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.129.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-129-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 06:26:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 4EA0
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1646830185
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1646830185
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
etag
RX3cae951e44ea46f4bc0c5f865a31779c003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1646830185
cache-control
no-store, no-cache, must-revalidate
expires
0
bsync
visitor.omnitagjs.com/visitor/ Frame 4EA0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
9.gif
id5-sync.com/i/102/ Frame 4EA0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 22 Nov 2022 06:26:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
redir
rtb-csync.smartadserver.com/ Frame 4EA0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADlY07G-NcAAB_aeev6LA&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADlY07G-NcAAB_aeev6LA&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 06:26:19 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADlY07G-NcAAB_aeev6LA&gdpr=0
Date
Tue, 22 Nov 2022 06:26:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame EAFC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 22:30:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57871
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 22:30:50 GMT
usync.js
eus.rubiconproject.com/ Frame 3798 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 06:26:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 22:30:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57870
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 22:30:50 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame EAFC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LARU2TGV-B-BNSO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 3798 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LARU2TGV-B-BNSO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
leokross.com
URL
https://leokross.com/vAW/aGeq.js
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| __cfQR object| google_tag_manager object| dataLayer object| google_optimize object| googletag object| vmpbjs object| vpb object| banners_zones object| banners_zones_mobile object| TwentyMinutUa object| gravitecWebpackJsonp number| _subscriptionStrategy function| $ function| jQuery string| GoogleAnalyticsObject function| ga string| rempToken object| rempConfig object| remplib function| fbq function| _fbq function| handleCredentialResponse function| logMomentNotification function| fblogin function| fbAsyncInit function| IMask object| element object| maskOptions object| mask object| Login object| TwentyUaShare function| _extends function| _typeof function| searchBlock function| CompanyTracker function| MyCityEventTracker function| news_slider undefined| socialHtmls undefined| nextPages undefined| nextHeadBanners undefined| nextMobHeadBanners undefined| lastPostData undefined| currentPostSelector undefined| infScroll undefined| path undefined| PostData function| LazyLoad object| jQuery112406369504117768938 function| _ object| Backbone function| moment function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| libpannellum object| pannellum function| InfiniteScroll function| imagesLoaded object| docCookies string| fos_comment_thread_selector object| fos object| WorkOffline function| blockPopup object| mycityEventTracker function| _f_tab_widget string| RESOURCE_O1B2L3 boolean| __cfRLUnblockHandlers object| ModalLogin object| NewLogin object| SubscriberLife function| _f_informer function| _f_slide_four_js function| _f_slide_four_most_js function| _f_slide_four_mm_js object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_609168 object| FB object| GravitecConfig object| Gravitec object| WLPush string| grvTatooineHost object| google_tag_data object| gaplugins object| ggeac object| google_js_reporting_queue object| vmpbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| GravitecNetNewsConfig object| gaGlobal object| gaData object| __buffer undefined| google_measure_js_timing object| GravitecNews function| onYouTubeIframeAPIReady object| Criteo object| litHtmlVersions object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests

147 Cookies

Domain/Path Name / Value
vsim.ua/ Name: subscriber_life
Value: %7B%22order%22%3A%5B%22modal_mail%22%5D%2C%22modal_mail%22%3Afalse%7D
vsim.ua/ Name:
Value: undefined
vsim.ua/ Name: browser_id
Value: 5babc4a1-3a93-4831-a9bb-dab1286f5dcb
vsim.ua/ Name: remp_session_id
Value: 4bc7ab6c-7110-4d2a-ac15-27c326195b8e
.vsim.ua/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.vsim.ua/ Name: _gid
Value: GA1.2.1371346703.1669098376
.vsim.ua/ Name: _gat
Value: 1
.vsim.ua/ Name: _fbp
Value: fb.1.1669098375644.617386368
vsim.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.vsim.ua/ Name: _pubcid
Value: e4cbb508-838b-4d89-b211-5ca63600410d
vsim.ua/ Name: GN_USER_ID_KEY
Value: 1706cf73-ef5d-46ca-b03c-4ccae8f8695b
vsim.ua/ Name: GN_SESSION_ID_KEY
Value: 94f97e88-a140-4810-86f9-ae57e16f3b9c
.vsim.ua/ Name: _ga_0CS1NTGGLB
Value: GS1.1.1669098375.1.0.1669098375.60.0.0
.vsim.ua/ Name: _ga
Value: GA1.1.329870092.1669098376
.vsim.ua/ Name: __cf_bm
Value: 0UO4yEcCvyjA_c2iBV0QomDsW9kykIqQ537WXzQb0J4-1669098375-0-ASBsKBuPGOADq9QAr0pnDA+brLtijYYX/vYsnaAihFn+Y6YvMHY7XrR/I4H9t42+b4+NcxMT4kH6X3SroIsGZC/0o/coMnT5sACvMXhLE511PRny07lF/ZE010pBIxwzYtCQhDj4shzWSK7ctB9vTyM=
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ALeNdC4z8jQJUWdD
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: FsUCvBZHsW3IC6z2Quawi1D9
a4p.adpartner.pro/ Name: apuid
Value: 46572021-51e9-4f95-8b06-bc9d5e4d73bf
.rubiconproject.com/ Name: khaos
Value: LARU2TGV-B-BNSO
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qod6aLLel5ZMVqbBgMWySGKoH1GQZR6kuiZFDfMUUq5funW9TENwD4xfnAZztraAt/MboWaW1ii7ap6H+6fNNSw
.adtelligent.com/ Name: vmuid
Value: e71afaf6c8f74ff0
.adtelligent.com/ Name: a307558
Value: 46572021-51e9-4f95-8b06-bc9d5e4d73bf
.vsim.ua/ Name: __gads
Value: ID=d6e4bce4719e2cfc:T=1669098376:S=ALNI_MaZQ8Y5ix0fNM1J8kXDmR9v28Q_fQ
.vsim.ua/ Name: __gpi
Value: UID=00000b853be0e88d:T=1669098376:RT=1669098376:S=ALNI_MYSQXVdJMuQQ02jGRi8uSShfKgJRw
.doubleclick.net/ Name: IDE
Value: AHWqTUmDREQCWE1lOqZEA9z_hYTDaO8bJul7tfV3-3GI3XDk_D04xTWcP9HHzPseVsU
.adnxs.com/ Name: uuid2
Value: 2956589636793389865
.casalemedia.com/ Name: CMPS
Value: 3347
.casalemedia.com/ Name: CMPRO
Value: 3347
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Om?iqg!]tbPl1M>e)ZlrFUfJ+tGXxp$cPw9oI-10tKeMswShU!DGSY82_=`YKS3iPg*bpRz*qF1`*b_DV*-IW[
.casalemedia.com/ Name: CMID
Value: Y3xriXKz9flSJU7JTR71JgAA
.criteo.com/ Name: uid
Value: 2a97cd70-2dc5-435b-aefb-4bbead8e8e58
.zeotap.com/ Name: zc
Value: 7f05710b-71ee-444c-48e3-281599c01723
.zeotap.com/ Name: zsc
Value: %CD%B5%29D%D3K%DEyAd%BDV%A4%F4%C9%DC%81%D0%E0%EAW%D6%3E%BB%10%28%7D%CD%FF7%0A%25+%CC%D0%2A%60%3Fe%9B%B2%E7%BD%21%0A%DE%28%82z%D5%F1R++%2F.%04%08%A0%0B%C2%FA%3C%0F%C2%AB%D6%E8%FA%13%D7%BB%C4%A4%F5%9D%BD%189%0B%98%DDNu%FC%85%B7%B6%26%0C%C7%8C%E5%7F%9Bx3%F3J%C0%29%3D~%C5~%DD%02%29%F0%91%29%E5%22%02%B8U%06%B0D%FC%ED%9D%FFg%C1%1B%CFDc%F8bb%88%C0%B2%80%19%EF%22%98l%DF%0D4~%E6%F1%9A%2A%97n%ED%D62%DF%F9%3E%5D%1B%25%1CL%5C%3B%02%08O
.ads.pubmatic.com/ Name: KCCH
Value: YES
.vsim.ua/ Name: cto_bundle
Value: eo64a19uak5sdENwd0VGcEVQUTg2RiUyRlhRSkslMkZ2OUs4VXdXaEtqUXFhb2xRcWZ2RHpTJTJGeElDY0RNeUNLZCUyQnRYZkxwdXF2VktDUDg4M1A0U0ZxTnZWWHMwSzVvaDY0bXF1VTJLSE5OU0pXJTJGek9pZWl3MlJaZlR3ZXNSaUNkQzdPUlFsNm9ydGNPTkExSDNlQmZ6dHRzYjViUzFRJTNEJTNE
.vsim.ua/ Name: cto_bidid
Value: _kB3pV9aVlc1SlhqZnVzbVBnS1pNRnFCMlVOT1o4TlBsNlJxTXlZamhCS0JoVVZwNVNya1VHRVgxOVZiT1lFM0RVNldXQmRLbCUyRkp2VHlsWkclMkZmQWp2WVZ6V2tPSXhMaUhCSjZMb1hWRlFrajVKSXclM0Q
.tapad.com/ Name: TapAd_TS
Value: 1669098379683
.tapad.com/ Name: TapAd_DID
Value: f20149ad-1a48-4ab1-9dbe-f1a52680f612
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 55C44CE6-B7EB-4BC4-80E4-339E296A6928
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156813:2
.pubmatic.com/ Name: DPSync3
Value: 1669161600%3A174%7C1670284800%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1669939200%3A63%7C1670284800%3A243_54_3_55_22_238_220_7_165_21_81_234_88_251_56_8_166_176_71_99_233_204_13_161%7C1671667200%3A203%7C1670371200%3A35%7C1669680000%3A15_223_2
.servenobid.com/ Name: pid_312
Value: 2956589636793389865
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.gumgum.com/ Name: vst
Value: e_22ec855e-2700-4ab5-9218-bb11357f84fa
.servenobid.com/ Name: pid_333
Value: Y3xriXKz9flSJU7JTR71JgAADRMAAAAB
.adform.net/ Name: C
Value: 1
.servenobid.com/ Name: pid_327
Value: c88fa57e-361f-4da1-9afe-e5707d1bca6b
.adfarm1.adition.com/ Name: UserID1
Value: 7168722951631337611
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.servenobid.com/ Name: pid_310
Value: FsUCvBZHsW3IC6z2Quawi1D9
.smartadserver.com/ Name: pid
Value: 3424312399685321405
.dpm.demdex.net/ Name: dpm
Value: 27109401904770783323610277520197772849
.demdex.net/ Name: demdex
Value: 27109401904770783323610277520197772849
.weborama.fr/ Name: AFFICHE_W
Value: FVGIENWIxy4V15
.servenobid.com/ Name: pid_309
Value: e_22ec855e-2700-4ab5-9218-bb11357f84fa
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3cae951e-44ea-46f4-bc0c-5f865a31779c-003%22%2C%22zdxidn%22%3A%222075%22%2C%22nxtrdr%22%3Afalse%7D
.adform.net/ Name: uid
Value: 8219110578663417217
.tidaltv.com/ Name: tidal_ttid
Value: d390ceff-c1c9-418e-954e-3499d68cf197
.simpli.fi/ Name: suid
Value: 751A492F39DC4BB68C6E24F0CEA69D31
.creativecdn.com/ Name: u
Value: dzAvl8ok9QbcoKoF7EKp
.creativecdn.com/ Name: ts
Value: 1669098379
.onaudience.com/ Name: cookie
Value: c3cb2e13158bdb3d
.onaudience.com/ Name: done_redirects104
Value: 1
.servenobid.com/ Name: pid_317
Value: 1338930667365696073
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrE0NDc3sDQ3sBDiM9TNNXVKtijIcC1K9PACADxf_A8lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZpYGlhbG5pYWIKADfNQhQQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrE0NDc3sDQ3sBDiM9TNNXVKtijIcC1K9PACADxf_A8lAAAA
.quantserve.com/ Name: d
Value: ELYBCwHRJ_ijAA
.quantserve.com/ Name: mc
Value: 637c6b8b-ce8e5-06be4-b9cc4
.turn.com/ Name: uid
Value: 7340088740799050681
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3xriwAJ5lscNwAT
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ&KRTB&19420-RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ&KRTB&22979-RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ&KRTB&23403-RU5NsUUfQrBeHh_qFkhX4kUfH-ZeH0OxEElC1LWQ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEM4ZYq7cKuE9XdzQZnO6F5I&KRTB&16514-CAESEM4ZYq7cKuE9XdzQZnO6F5I&KRTB&23025-CAESEM4ZYq7cKuE9XdzQZnO6F5I&KRTB&23386-CAESEM4ZYq7cKuE9XdzQZnO6F5I
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2956589636793389865&KRTB&23339-2956589636793389865
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7168722951631337611&KRTB&23369-7168722951631337611
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7340088740799050681&KRTB&23150-7340088740799050681
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8219110578663417217&KRTB&23263-8219110578663417217
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.openx.net/ Name: i
Value: 467fbb0e-2bd5-426d-ba4e-9281a929d56d|1669098379
.w55c.net/ Name: wfivefivec
Value: rvvnn5sS1OXmJB5
.servenobid.com/ Name: pid_324
Value: 5141210822471222507
.servenobid.com/ Name: pid_337
Value: y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
.servenobid.com/ Name: pid_339
Value: y-FT92SDhE2uFkvzp_jI5msoi0PeW36beBJhoQ06o-~A
.bidswitch.net/ Name: c
Value: 1669098379
.bidswitch.net/ Name: tuuid_lu
Value: 1669098379
.bidswitch.net/ Name: tuuid
Value: e235c23e-ae15-4462-a703-6e980a92b2b2
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjawtDK0MAIALYy2gAkAAAA="
.de17a.com/ Name: guid
Value: 1.4282803907331353629
.agkn.com/ Name: ab
Value: 0001%3A6WZh0SAQJ1EZc4t%2B917Lhg2DVnwXZPlH
.yahoo.com/ Name: A3
Value: d=AQABBItrfGMCEB1X5k1OKtOCAUMdNykaISQFEgEBAQG9fWOGYwAAAAAA_eMAAA&S=AQAAAk11it680QzN61heTPh5UAo
.emxdgt.com/ Name: euid
Value: 51591669098379980988f1
.bidr.io/ Name: bito
Value: AADlY07G-NcAAB_aeev6LA
.bidr.io/ Name: bitoIsSecure
Value: ok
.w55c.net/ Name: matchcasale
Value: 5
.onaudience.com/ Name: done_redirects161
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3ARwnEEhqbmUqrfYCo-i1RD5EFLYlSMSRH.yxr7rWyA%2B5Up8i6xPOKaD%2F49aDleXALRq7zg0xAesGg
.pubmatic.com/ Name: SPugT
Value: 1669098379
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~28fi:19ah~28fi"
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4282803907331353629
.casalemedia.com/ Name: CMTS
Value: 3369
.emxdgt.com/ Name: eapn_id
Value: 2956589636793389865
.go.sonobi.com/ Name: HAPLB8S
Value: s8558|Y3xrj
.richaudience.com/ Name: avcid-zeo-uid
Value: 7f05710b-71ee-444c-48e3-281599c01723
.technoratimedia.com/ Name: tads_uid
Value: GDPR
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0c0681fa3acd3e14
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smartadserver.com/ Name: csync
Value: 127:AADlY07G-NcAAB_aeev6LA
.tribalfusion.com/ Name: ANON_ID
Value: aknsIHtlix88qyTAZbCauRYD7vB0eIIZaKGZdstIObG0VKcflNhE0mjjFKQ9IGJxsMCJo7tI5ysnO7ZdUe1UYj1RYb1i
ads.avct.cloud/ Name: uuid
Value: a6a3f141-db91-47ba-baba-6cb258be1869
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-F1rNcAsvjYjhXnbYbVShQhYQ
.fwmrm.net/ Name: _uid
Value: "o2cb8_7168722955906713365"
.zemanta.com/ Name: zuid
Value: lhRhJT_kvTnTIFLHTpZm
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&74c5ad5c-4de3-48eb-8792-1c7f66e27e30"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjkwOTgzODA7MjswMjHl5W7Qc+bab7/ENszlD9FIzfgif1bFEms7A53uXyLaxA==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2737:u=1:x=1:i=1669098380:t=1669184780:v=2:sig=AQH4Cd2PH1PTHHlDGk0-YnXdF1TTz6vV"
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-722d943b-d41b-3e93-a769-2010ee5a012a
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-afddb1d3-1504-4144-4140-bee54711dc34.dKURZP2JGYObG1yR6uY%2B6unQyzGjDQ4aO6tBFEzkHm4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ar92x0xUEQURBQL7lRxHcNNmKxGM.eEfMQ%2BoWQNGvWBzL8E6NQbmLcl6qMcDtNRq76QxUL%2Fg
.sportradarserving.com/ Name: zuuid
Value: e0e6f463-1591-4f86-8913-208893a78ba2
.sportradarserving.com/ Name: c
Value: 1669098380
.sportradarserving.com/ Name: zuuid_lu
Value: 1669098380
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-efHenMQeRiJLOGH2afUxedmKxGM&KRTB&23334-efHenMQeRiJLOGH2afUxedmKxGM&KRTB&23417-efHenMQeRiJLOGH2afUxedmKxGM&KRTB&23426-efHenMQeRiJLOGH2afUxedmKxGM
.pubmatic.com/ Name: PugT
Value: 1669098379
.360yield.com/ Name: tuuid
Value: 89da22a7-8a8e-4951-b376-63d1372d85f8
.360yield.com/ Name: tuuid_lu
Value: 1669098380
.ipredictive.com/ Name: cu
Value: f23a0d78-6d5f-42d4-b0f9-7a31a2ccef14|1669098380207
.servenobid.com/ Name: pid_346
Value: ua-722d943b-d41b-3e93-a769-2010ee5a012a
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1669098380
.outbrain.com/ Name: obuid
Value: d6942c31-84ce-476b-802a-408ef262c0c7
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e235c23e-ae15-4462-a703-6e980a92b2b2
.amazon-adsystem.com/ Name: ad-id
Value: A5YSzpA18Emwl9VxUSIzrbc
.adsby.bidtheatre.com/ Name: __kuid
Value: 9acebe15-93d0-422d-ae54-bf821aca8123.438312380
.bluekai.com/ Name: bku
Value: ikG99/hg4swyLqXy
.bluekai.com/ Name: bkpa
Value: KJhz06aFLM9R9mO4Dtd38NFOf6/VaDgot3n0kiGUQ69ZWHAOBcsd4+kkC8t4wwmCc3L861U3dN+5KLlNzOPTFMthhRCJMkNt7dHPV44K5H0fQ59N9DS9UHqe30NZU2D2qX5XP7pKYqecDwUe306/LWFp3s88ER9PK5BzXrntX0QgY4UNO7i62JachXHNJvG6TbWgRbVmRKh/gH0y/BcUMFlMvhFLJvMDJi3EJbPBrvU/kUc+fhw/NKcWQ8lRO8kOGcf6nAhQ6rNvSXGiZCMOdmYDqWtX6uW/Esm2mbbUvmJLq6BUmsaQW8eH8vwLKrd48eszrf8I8LUnV6076IXO91K6UQ1=

8 Console Messages

Source Level URL
Text
network error URL: https://leokross.com/vAW/aGeq.js
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://script.4dex.io/localstore.js
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=7f05710b-71ee-444c-48e3-281599c01723?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3cb2e13158bdb3d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=7f05710b-71ee-444c-48e3-281599c01723&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=7f05710b-71ee-444c-48e3-281599c01723&reqId=976d067f-5f79-43d5-6f70-6d04fd71bccf&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3d229e5b137832bdac596f065ebeac55.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.co.uk
adservice.google.com
ampcid.google.com
ap.lijit.com
api.gravitec.media
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.gravitec.media
cdn.gravitec.net
cdn.indexww.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
engine.widespace.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
leokross.com
loada.exelator.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
tags.bluekai.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker_beam.20minut.ua
trc.taboola.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
visitor.omnitagjs.com
vsim.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cs.admanmedia.com
leokross.com
103.229.205.242
104.18.33.19
104.18.36.94
13.32.99.109
13.32.99.30
132.226.63.138
141.94.170.64
141.94.171.213
141.95.171.140
142.250.186.66
147.75.85.234
151.101.194.49
159.65.196.12
162.19.138.118
162.19.138.120
168.119.79.223
172.217.18.98
172.64.151.162
172.64.154.237
176.34.205.255
178.250.0.157
178.250.0.163
18.156.0.31
18.158.8.202
18.192.2.142
185.172.90.252
185.183.112.155
185.184.8.90
185.255.84.152
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.81
185.80.39.216
185.86.137.132
185.86.139.104
193.0.160.128
195.5.165.20
198.148.27.140
20.127.253.7
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
202.241.208.55
212.82.100.182
213.155.156.165
213.19.147.45
216.52.2.39
23.203.77.3
23.35.236.201
2600:1f16:e61:3f01:4121:4821:f664:be
2600:9000:223f:a00:1f:4c18:bd40:93a1
2602:803:c003:200::51
2606:4700:10::6816:1957
2606:4700:20::681a:ad1
2606:4700:20::ac43:4bf1
2606:4700:3035::6815:3aed
2606:4700:3035::ac43:d201
2606:4700::6810:7daf
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200d
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::24
2a02:6ea0:c700::18
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::300
2a05:d018:24:b002:eb7b:3a65:f7da:a48f
2a05:d018:d29:3601:aea4:a386:c0ef:3243
2a0c:5c81:5142::2
3.248.82.49
31.41.216.82
34.102.253.54
34.107.148.139
34.111.131.239
34.199.232.33
34.247.233.198
34.252.123.138
34.254.143.3
34.91.62.186
34.98.67.61
35.156.17.110
35.157.189.90
35.157.204.17
35.157.246.167
35.214.184.209
35.214.223.115
35.227.248.159
35.244.159.8
37.157.4.28
37.252.171.149
37.252.171.85
38.91.45.7
45.133.44.3
45.133.44.4
5.161.47.120
51.75.86.98
51.83.220.94
52.17.151.21
52.223.40.198
52.30.129.185
52.46.143.56
52.86.222.203
52.95.126.138
54.175.24.238
54.195.100.225
54.204.140.125
54.246.4.228
54.72.173.47
62.149.1.122
63.251.232.165
64.202.112.127
66.155.71.150
69.166.1.12
69.173.144.139
70.42.32.63
76.223.111.18
8.43.72.97
85.114.159.118
88.221.168.166
88.221.168.23
96.16.141.156
99.81.20.134
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06a44402449371b9869fa418b56e2511f9f22635969d8ec4746c3ce5c2220c98
092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0ae6ea8e517e85f964ee85f332e8cb0492325f6296593f5eeb0f938ddb5e6b04
0b46415d4c7062555023e1136680dad462d3d5c66a0fcea388707906288638c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e1a5d443d9d19fc1323f7a5702d6ee4d2f073e41295ecd58047613b3c229523
2336d52e36cd8f59eb79cb65a1efb3824f594024bfe032f1b6bf48f1016ba719
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24e76f8224b25d229b94950548d3758bc9d375d75f6965782e204c2bff600a33
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b0cab36eef67b0a04cb58fab9ba043426831095d32fe705f2f6d652725290d3
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3303123e662ff6f0aab97d549ba72d289e29a064faa7b19211f681a10f48221b
332128bf7a7e69712b8ddb874d77735abbf071e1bfa47695102025080fd04762
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
3549afb22638fe468475f7d9e44afcca5039d53561562f8674a7405e4650985d
393a326c8895b4742406ce29bd0726009f57ef27e189146bb692b1d18d0e9ced
3b75921b41d4e07c85656f7276797a6a9e3b5982b64b5eaa1b9dbd5d2bfc7565
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a0051ab451e40fa8a0a904b113c3faa39688083be653502d5a0e2b88c7afab
43a315249d743d2925ac5e0af719991f12be5e15c5f2629a7824cbc10a9e4f66
44f61a242bb16b433490f30ba87f228fa675c7bdd42cc2d5cf33f1ad5279dfc6
454be236f028c98647c3e8710cb6d8b7a9accf49d273b198c7cc10feadc290d1
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4911e9ac641a4e3ec510fe0adc58353be21fb997049d4574b0410ccaf139023e
4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5048838007ff1b6b052c31125a8d0d0bfabac846c7b912d52592617acbf51397
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5198e1fb993a19c9e8dbc988eaf22fa351f3314700f4a76392dbc1b15a7a3c48
51a983a5a2989b0dcd2e3948e8e71ca170cc39ea8cec837c7e9249d819452b98
53c3a9665988d59703975294600750e8e20d83f96ec2fa064cb716eb035b3ccd
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59c6c59c417887b5c9ca336d869a7af00b17e75b79062440d6a6fef76064ec86
5e35431fa4cf6116249b7c34450698b4647548aa1bc44ca57ef277a1786ebd5d
5e392727f47fa50895f18b65a045759516919adf27f08a487abd777bb9175c4b
5e3a4e3aac810c6857f89eccb48c5417ae1ac2b466252741294b3674a40697eb
5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6528f3918454b93ba3ebaca124855a7c3cc9ec052c2349ff12ba49ba81e0ef32
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e13aa2e202fb554666e714e19b4040a4ee2e500ea8419bfb42ba8133568a39
66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5
67351144f8badeefc83e9f6bcf3a7840d15ee81ca2f225b1cbedbb994253b9e0
6795f2aa61d4bee691e1f5ff4c64962dacd10cba72ad371f449259574e9f122e
6876f756038af6a0fbd5b5f564fe5c893098006abf3d891f81c52e7ef69c609b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6603b1df6925347c0d9bd5cb393f76116c8c272f06a4fa026ea13e9fbbd2aa
6e65ccaf459ff5b79afd9e6487cc2e0bbc22cd8140dc040dffb1e24adc92b2be
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
73b6bc30a060a359ef816e7d8a238cc25d76e29219fb9bbcc309052a1ff568cf
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
78f41a9fa63f80a45ca282d8a5d85cbe5feaaaa73260e59f7f76093aa7f207d2
790ba5981afee1ce7ae6cffa105cbb3ebd2a0f89822499dfbf91d2dbe6f630d1
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f4cdf8eb55088438c1717a479c9f44fe7ea913728199a6b4c09508514f92b4d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ab4f6ce6653c2643d3c9290b632402ce914af6980b3228a70881761b7c2e19
84d0d810dc5e20bf11e9934321f4d484fa475a2a52751ba94921e86a6e46ade7
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8698e0af340a8d0d5fcb29c4926c8a0fa99ec23afac95d7aa3c3ab95ed546ca0
88b0fc3a3e6f93d2a2c3a067a55df5ec729f915c9502b3364bcce58f1cb9a17f
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df341e6dc08250afdca9719e6dafd016ec7b0d1de3488066a8620a2cb304e96
8fde8bf6c1c3c2bec65b23e45729683c058e063e2aa77a4e57c365a24a820614
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
948e0d491c3ed599c53000e9fc76ba69d80e4664b032f1a2c24b97a3cefb2a12
958c1e6db18a0ed88138d11fa821ec43f9e0439aa76f6179232bab438c7fca1e
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ff64ba49ed23c6e28c43ba615978cc239fbff88c46a57a601f505bf64131df
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9f813f0124e753069f37cb78e03df733fcc6ffd3e773ba209d4289cde5223287
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00fa363d419d45f4919fc657ab9e47256b7a2a202d4e8c4cd8367ce688fe90d
a03b866917d9e033936308f05ecdbc58de24a422e6f7e8742ecbc6c6041909fc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0855c0931f7c8f94b63adf01e7677232a5b226aaadb0fa67719a23f94df4020
a19ab4175b66193d0f87d619263e50f38c5187f215db25a9e15de163dfc3f6f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a9669758d3d650752d7229442104a5386aed3ecc28a7e74f0e794048397385e9
a96f638e4e6f5a290f899a42a967f0810e123d7f308c974e6f256e373de51f44
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9b47487c3d20695417b23be2bfbb6566ad09f85c13c387392e36d6702494d8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1644eb5e050ac6e83cc29ac8f5f8e13ecd872ab01e7aec67010b28e7071dc62
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b569689df7130b183a84409741c25fbf387f694966fbf4bb29325eebb3349f38
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
bd798a168344eb784763dd1165d66bc78ee6e6dcbf755715202f53bce07604b1
bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c463bce3750d5f8cf80976133113d55fc9e204102d1baf9eb078d3bc88621a5c
c654830b0835aefea9684ffdf6334341cc230a72cb7102c90b23574393d9338c
c7b2c2ba81eef5c39dd8993cde57f790bdaf179e3d5a2132241b598233d13591
ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1f8420407738905a9b997c5555b7c7dc2f7f63ab5586893e616b7fe6794ef3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d024e13df4d20466ff769f9fbe83c716b46fa714fe667da2dd1a701900d3b181
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d2fc3490a85e17e87e816a307449830531b8207fcd12a6182a15551038ba7f8d
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d3883675a84b768d901f2afe97b4bafaeda8d403f1c454898514958d65ac48b5
d4632a1d8298729b34c20d7077b8833eabec900898013521e86171db42b3d920
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d86ac2eb2ac280cbb39a4c2d656bbe064fc9e049c8c13e783d5b6b09d3b69e6a
dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef
dc4de3515c790d575f7c8b0f233e9ff3c321c1acc3ce3d05600a66479333f964
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
e14a68d4f0878504656295be09c475ba96a4484fca5c2fa088c24e30482f0216
e3120d344fa1f9709c26a5751c756eba9e0f4a19710e0842f8a72ac9582b7326
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e5cae1429ecba78b4197cb86f1d38898919f3b18ae0ba86aeee9d471b63fd554
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
ecf93641ff7b5252a7266070e4786ed80904711ee22cd46db1ab6a2f3ddc1ed6
ed34fee3df772e1fb993af9b572618d33b8152e9997a52e23a53b987ce22458e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f4ab9326b5b29cbbb862e13f625ad9347305bc9831f8130afa2946e224ec90a9
f58d69a479870f5f8d5e12fdb441edad4a723f84c755c806f9e67325baf242e6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63e6fa8f859179df5de04d03d064d25d659fc1b11e9ca1c60f96baf697225a2
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0
fe224062247d8b0cb1c315890e0920f8f676caecd56f4db7cf4a28af77a1f7f3
fe6c063db07a468e112cf17a10f6bb3167725ac0142692cfae994a680f635101