urlscan.io logo urlscan.io
SecurityTrails logo

subject.com.ua Open in urlscan Pro
31.131.26.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://subject.com.ua/
Effective URL: https://subject.com.ua/
Submission: On September 26 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 18 countries across 83 domains to perform 669 HTTP transactions. The main IP is 31.131.26.2, located in Ukraine and belongs to VPS-UA-AS, UA. The main domain is subject.com.ua.
TLS certificate: Issued by R3 on August 11th 2022. Valid for: 3 months.
This is the only time subject.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 31.131.26.2 56851 (VPS-UA-AS)
1 2600:9000:223... 16509 (AMAZON-02)
48 2a00:1450:400... 15169 (GOOGLE)
6 51.91.60.38 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
4 2a03:90c0:41:... 199524 (GCORE)
6 172.64.105.3 13335 (CLOUDFLAR...)
4 15 2a00:1450:400... 15169 (GOOGLE)
35 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 52.222.214.2 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 212.77.99.29 12827 (WIRTUALNA...)
6 178.250.2.131 44788 (ASN-CRITE...)
10 30 185.89.210.82 29990 (ASN-APPNEX)
15 51.89.9.254 16276 (OVH)
9 3.127.18.59 16509 (AMAZON-02)
7 147.75.85.234 54825 (PACKET)
41 2606:4700:10:... 13335 (CLOUDFLAR...)
8 37.157.4.24 198622 (ADFORM)
6 185.64.189.112 62713 (AS-PUBMATIC)
6 185.184.8.90 204995 (RTB-HOUSE...)
6 148.251.44.111 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 65.108.0.253 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
51 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
14 35 142.250.185.162 15169 (GOOGLE)
5 38 104.18.18.126 13335 (CLOUDFLAR...)
2 3 2620:116:800d... 16509 (AMAZON-02)
3 151.101.130.49 54113 (FASTLY)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 18.209.184.69 14618 (AMAZON-AES)
5 5 3.126.157.114 16509 (AMAZON-02)
2 2 52.214.209.49 16509 (AMAZON-02)
6 142.250.186.130 15169 (GOOGLE)
2 4 99.81.148.45 16509 (AMAZON-02)
4 52.213.71.221 16509 (AMAZON-02)
6 2600:9000:223... 16509 (AMAZON-02)
33 2600:1f13:800... 16509 (AMAZON-02)
2 172.217.16.198 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 51.79.20.94 16276 (OVH)
2 35.157.16.92 16509 (AMAZON-02)
1 6 2600:9000:223... 16509 (AMAZON-02)
2 3 52.208.171.50 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
1 1 124.146.215.48 2514 (INFOSPHER...)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
4 3.33.220.150 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 213.155.156.167 1299 (TWELVE99 ...)
3 8 213.19.147.45 3356 (LEVEL3)
10 10 18.156.0.31 16509 (AMAZON-02)
4 5 50.31.142.31 23352 (SERVERCEN...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
5 23.35.236.188 16625 (AKAMAI-AS)
10 23.35.236.201 16625 (AKAMAI-AS)
3 66.155.71.149 13768 (COGECO-PEER1)
2 37.157.4.29 198622 (ADFORM)
1 69.173.144.165 26667 (RUBICONPR...)
5 212.77.98.32 12827 (WIRTUALNA...)
5 5 23.35.228.23 16625 (AKAMAI-AS)
5 35.159.6.67 16509 (AMAZON-02)
5 5 50.16.244.213 14618 (AMAZON-AES)
5 216.52.2.19 32475 (SINGLEHOP...)
10 11 188.42.196.115 7979 (SERVERS-COM)
5 162.19.138.116 16276 (OVH)
5 5 23.75.240.210 16625 (AKAMAI-AS)
10 23.205.235.133 16625 (AKAMAI-AS)
1 198.47.127.19 62713 (AS-PUBMATIC)
3 6 52.46.130.91 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 18.157.92.103 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 135.125.160.77 16276 (OVH)
3 3 185.89.210.20 29990 (ASN-APPNEX)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 34.243.140.211 16509 (AMAZON-02)
2 52.210.103.234 16509 (AMAZON-02)
2 2 185.29.132.241 30419 (MEDIAMATH...)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 2 34.241.142.170 16509 (AMAZON-02)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 37.157.6.247 198622 (ADFORM)
1 63.251.232.165 32475 (SINGLEHOP...)
1 34.98.67.61 15169 (GOOGLE)
5 69.173.144.139 26667 (RUBICONPR...)
1 8.43.72.97 26667 (RUBICONPR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
1 64.74.236.63 22075 (AS-OUTBRAIN)
1 2 185.172.90.252 49981 (WORLDSTREAM)
1 185.86.137.17 201081 (SMARTADSE...)
5 195.201.106.117 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
669 96
4    31.131.26.2 (Ukraine)

ASN56851 (VPS-UA-AS, UA)
PTR: valerym.sv
subject.com.ua
1    2600:9000:223c:b600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
48    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    51.91.60.38 (France)

ASN16276 (OVH, FR)
tag.eu.dev2pub.com
api.eu.dev2pub.com
3    2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    2600:9000:225e:2600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
4    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
6    172.64.105.3 (United States)

ASN13335 (CLOUDFLARENET, US)
a.vdo.ai
targeting.vdo.ai
15    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
35    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
pubads.g.doubleclick.net
18    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
12    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    52.222.214.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-2.fra56.r.cloudfront.net
optad360.mgr.consensu.org
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
6    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
30    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
15    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
9    3.127.18.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
d.vidoomy.com
a-prebid.vidoomy.com
a.vidoomy.com
7    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
41    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
8    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
6    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
6    148.251.44.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sundoro
rtb.adxpremium.services
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
fonts.googleapis.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
13    65.108.0.253 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.253.0.108.65.clients.your-server.de
analytics.vdo.ai
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
51    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
30    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
35    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
38    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    18.209.184.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-184-69.compute-1.amazonaws.com
fksnk.com
5    3.126.157.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-157-114.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.214.209.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-209-49.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
6    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
4    99.81.148.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-148-45.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    52.213.71.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
6    2600:9000:223f:e200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
33    2600:1f13:800:7780:d3d:c825:22bf:b320 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
15    51.79.20.94 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns566706.ip-51-79-20.net
h5.vdo.ai
2    35.157.16.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-16-92.eu-central-1.compute.amazonaws.com
d.agkn.com
6    2600:9000:223f:c400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    52.208.171.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-171-50.eu-west-1.compute.amazonaws.com
match.360yield.com
ad.360yield.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    124.146.215.48 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    85.114.159.118 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    213.155.156.167 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
8    213.19.147.45 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
10    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    50.31.142.31 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
10    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
5    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
5    35.159.6.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
match.sharethrough.com
5    50.16.244.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-244-213.compute-1.amazonaws.com
ssp.disqus.com
5    216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
11    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
5    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2a05:d018:d29:3605:81f0:8432:14d1:181d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    18.157.92.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-92-103.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
4    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.243.140.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-140-211.eu-west-1.compute.amazonaws.com
d.adroll.com
2    52.210.103.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-103-234.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    34.241.142.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-142-170.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    2607:f8b0:400b:804::2003 (Highland Park, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4009:17::a (London, United Kingdom)

ASN15169 (GOOGLE, US)
rr5---sn-aigzrnsr.googlevideo.com
1    2a00:1450:400c:c0c::65 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
1    64.74.236.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1h.zemanta.com
2    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
5    195.201.106.117 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.106.201.195.clients.your-server.de
ssp.otm-r.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
Apex Domain
Subdomains		 Transfer
106 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
977 KB
86 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
ad.doubleclick.net — Cisco Umbrella Rank: 178
pubads.g.doubleclick.net — Cisco Umbrella Rank: 437
552 KB
47 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 774
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
static.adsafeprotected.com — Cisco Umbrella Rank: 575
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
385 KB
41 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11028
sync.quantumdex.io — Cisco Umbrella Rank: 5385
8 KB
38 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
32 KB
38 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com — Cisco Umbrella Rank: 432
115 KB
34 vdo.ai
a.vdo.ai — Cisco Umbrella Rank: 19685
analytics.vdo.ai — Cisco Umbrella Rank: 18616
targeting.vdo.ai — Cisco Umbrella Rank: 21902
h5.vdo.ai — Cisco Umbrella Rank: 23807
3 MB
30 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
1 MB
24 google.com
cse.google.com — Cisco Umbrella Rank: 2467
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
clients1.google.com — Cisco Umbrella Rank: 384
376 KB
23 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
eus.rubiconproject.com — Cisco Umbrella Rank: 564
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 796
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
56 KB
18 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
17 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
59 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
2 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
10 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
3 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
416 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 3891
cm.adform.net — Cisco Umbrella Rank: 1589
c1.adform.net — Cisco Umbrella Rank: 637
4 KB
11 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2092
7 KB
11 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 8400
2 KB
9 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 9690
a-prebid.vidoomy.com — Cisco Umbrella Rank: 14178
a.vidoomy.com — Cisco Umbrella Rank: 9293
2 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
61 KB
7 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6489
prebid-us.creativecdn.com — Cisco Umbrella Rank: 12794
1 KB
7 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
1 KB
7 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5376
www.google.co.uk — Cisco Umbrella Rank: 3335
2 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
5 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
b1h.zemanta.com — Cisco Umbrella Rank: 4948
2 KB
6 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1048
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3043
573 B
6 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
2 KB
6 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7910
9 KB
6 dev2pub.com
tag.eu.dev2pub.com — Cisco Umbrella Rank: 273381
api.eu.dev2pub.com — Cisco Umbrella Rank: 186652
585 KB
5 otm-r.com
ssp.otm-r.com — Cisco Umbrella Rank: 106513
1 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
5 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
1 KB
5 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2279
1 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
171 B
5 media.net
hbx.media.net — Cisco Umbrella Rank: 1441
2 KB
5 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 8935
81 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
3 KB
5 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 26
imasdk.googleapis.com — Cisco Umbrella Rank: 424
fonts.googleapis.com — Cisco Umbrella Rank: 40
335 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1315
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
1 KB
4 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 48085
84 KB
4 subject.com.ua
subject.com.ua
34 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1785
mp.4dex.io — Cisco Umbrella Rank: 2010
24 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
573 B
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2536
954 B
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3665
ad.360yield.com — Cisco Umbrella Rank: 683
950 B
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
s.youtube.com — Cisco Umbrella Rank: 775
54 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
320 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1020
pixel.quantserve.com — Cisco Umbrella Rank: 423
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
124 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 47070
get.optad360.io — Cisco Umbrella Rank: 29701
279 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 5593
2 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
866 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
163 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4933
645 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
949 B
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 638
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 658
812 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
1 smartadserver.com
ww1097.smartadserver.com — Cisco Umbrella Rank: 29960
561 B
1 googlevideo.com
rr5---sn-aigzrnsr.googlevideo.com — Cisco Umbrella Rank: 47686
2 MB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
356 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1407
408 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2448
182 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 3509
268 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1037
178 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1453
181 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1379
300 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1578
583 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
1019 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4584
613 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 45393
608 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
647 B
1 consensu.org
optad360.mgr.consensu.org — Cisco Umbrella Rank: 49739
3 KB
0 smilewanted.com Failed
prebid.smilewanted.com Failed
669 83
Domain Requested by
51 tpc.googlesyndication.com googleads.g.doubleclick.net
subject.com.ua
tpc.googlesyndication.com
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
s0.2mdn.net
ad.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
48 pagead2.googlesyndication.com subject.com.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
ad.doubleclick.net
35 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
35 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
subject.com.ua
33 dt.adsafeprotected.com 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
subject.com.ua
30 s0.2mdn.net tpc.googlesyndication.com
subject.com.ua
s0.2mdn.net
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
imasdk.googleapis.com
30 ib.adnxs.com 10 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
tag.eu.dev2pub.com
29 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
25 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
subject.com.ua
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
18 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
subject.com.ua
15 h5.vdo.ai subject.com.ua
a.vdo.ai
15 onetag-sys.com get.optad360.io
sync.quantumdex.io
tag.eu.dev2pub.com
15 www.google.com 4 redirects cse.google.com
www.google.com
subject.com.ua
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
tpc.googlesyndication.com
13 analytics.vdo.ai a.vdo.ai
12 www.googletagservices.com googleads.g.doubleclick.net
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
fw.adsafeprotected.com
12 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
subject.com.ua
11 ads.betweendigital.com 10 redirects tag.eu.dev2pub.com
11 ssp.wp.pl get.optad360.io
10 eus.rubiconproject.com sync.quantumdex.io
eus.rubiconproject.com
10 ads.pubmatic.com get.optad360.io
sync.quantumdex.io
10 ups.analytics.yahoo.com 10 redirects
8 adx.adform.net get.optad360.io
tag.eu.dev2pub.com
7 ssum-sec.casalemedia.com sync.quantumdex.io
ssum-sec.casalemedia.com
7 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 prebid.a-mo.net get.optad360.io
tag.eu.dev2pub.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 s.ad.smaato.net 1 redirects sync.quantumdex.io
6 static.adsafeprotected.com 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
pixel.adsafeprotected.com
6 googleads4.g.doubleclick.net subject.com.ua
ad.doubleclick.net
6 rtb.adxpremium.services get.optad360.io
6 prebid-eu.creativecdn.com get.optad360.io
6 hbopenbid.pubmatic.com get.optad360.io
6 useast.quantumdex.io get.optad360.io
6 d.vidoomy.com get.optad360.io
6 bidder.criteo.com get.optad360.io
6 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
6 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
5 ssp.otm-r.com tag.eu.dev2pub.com
5 token.rubiconproject.com eus.rubiconproject.com
5 pubads.g.doubleclick.net imasdk.googleapis.com
5 usermatch.targeting.unrulymedia.com sync.quantumdex.io
5 secure-assets.rubiconproject.com 5 redirects
5 id5-sync.com sync.quantumdex.io
5 ap.lijit.com sync.quantumdex.io
5 ssp.disqus.com 5 redirects
5 match.sharethrough.com sync.quantumdex.io
5 hbx.media.net 5 redirects
5 std.wpcdn.pl ssp.wp.pl
5 acdn.adnxs.com get.optad360.io
5 b1sync.zemanta.com 4 redirects subject.com.ua
5 x.bidswitch.net 5 redirects
5 a.vdo.ai subject.com.ua
a.vdo.ai
4 gu.dyntrk.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 match.adsrvr.org 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
get.optad360.io
ssum-sec.casalemedia.com
4 pixel.adsafeprotected.com 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
subject.com.ua
4 fw.adsafeprotected.com 2 redirects 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
4 api.eu.dev2pub.com tag.eu.dev2pub.com
4 cdn.admixer.net subject.com.ua
cdn.admixer.net
4 subject.com.ua 1 redirects subject.com.ua
3 csi.gstatic.com imasdk.googleapis.com
3 ad.turn.com 3 redirects
3 secure.adnxs.com 3 redirects
3 pixel-sync.sitescout.com subject.com.ua
ssum-sec.casalemedia.com
3 mug.criteo.com subject.com.ua
3 an.yandex.ru 2 redirects 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
3 sync-tm.everesttech.net 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
3 fonts.gstatic.com fonts.googleapis.com
3 imasdk.googleapis.com a.vdo.ai
imasdk.googleapis.com
3 www.googletagmanager.com subject.com.ua
a.vdo.ai
www.googletagmanager.com
2 pbjs.e-planning.net 1 redirects
2 script.4dex.io tag.eu.dev2pub.com
script.4dex.io
2 c1.adform.net 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 sync.mathtag.com 2 redirects
2 match.prod.bidr.io ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 csync.loopme.me ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 a-prebid.vidoomy.com subject.com.ua
2 cm.adform.net subject.com.ua
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 eb2.3lift.com 2 redirects
2 match.360yield.com 2 redirects
2 d.agkn.com 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
2 www.youtube.com a.vdo.ai
www.youtube.com
2 ad.doubleclick.net www.googletagservices.com
2 ads.yieldmo.com 2 redirects
2 cms.quantserve.com 1 redirects 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
2 static.criteo.net get.optad360.io
static.criteo.net
2 get.optad360.io subject.com.ua
get.optad360.io
2 cse.google.com subject.com.ua
www.google.com
2 tag.eu.dev2pub.com subject.com.ua
tag.eu.dev2pub.com
1 ad.360yield.com tag.eu.dev2pub.com
1 mp.4dex.io tag.eu.dev2pub.com
1 ww1097.smartadserver.com tag.eu.dev2pub.com
1 b1h.zemanta.com tag.eu.dev2pub.com
1 prebid-us.creativecdn.com tag.eu.dev2pub.com
1 fastlane.rubiconproject.com tag.eu.dev2pub.com
1 s.youtube.com
1 rr5---sn-aigzrnsr.googlevideo.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 odr.mookie1.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 sync.taboola.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 pixel.rubiconproject.com subject.com.ua
1 a.vidoomy.com subject.com.ua
1 sync.targeting.unrulymedia.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 tg.socdm.com 1 redirects
1 fksnk.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 targeting.vdo.ai a.vdo.ai
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.co.uk subject.com.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 clients1.google.com subject.com.ua
1 www.googleapis.com subject.com.ua
1 cdn.jsdelivr.net get.optad360.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 optad360.mgr.consensu.org subject.com.ua
1 cmp.optad360.io subject.com.ua
0 prebid.smilewanted.com Failed tag.eu.dev2pub.com
669 133
Subject Issuer Validity Valid
subject.com.ua
R3		 2022-08-11 -
2022-11-09		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
tag.eu.dev2pub.com
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
optad360.mgr.consensu.org
Amazon		 2022-05-23 -
2023-06-21		 a year crt.sh
api.eu.dev2pub.com
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-10 -
2023-03-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.vdo.ai
Go Daddy Secure Certificate Authority - G2		 2022-08-19 -
2023-09-20		 a year crt.sh
www.google.co.uk
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-15		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
s.ad.smaato.net
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-09-13 -
2022-11-22		 2 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh

This page contains 92 frames:

Primary Page: https://subject.com.ua/
Frame ID: E7B5D685D2D2AC855FBC10A12D043C38
Requests: 213 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: 7F5D2562AFE8CD22882F47C6CB1A3A07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1664160293&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292899&bpp=2&bdt=393&idt=150&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6039425552057&frm=20&pv=2&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
Frame ID: CCBA0876021E6F72F06861E1189A1395
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Frame ID: CC16DEB890AC07EB45AC25951E64BF6A
Requests: 16 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 422A58F7D595098D8B7079EC0D649998
Requests: 1 HTTP requests in this frame

Frame: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28D853AD59BCFE0A6303090977EC9511
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: 17EBFAC4815DC901A4B07578EE8A2856
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/index.html
Frame ID: 792F367A23CEE5308EE499B47D1F6457
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6BBD3B3CC0EAA52370509C7CC7F326E1
Requests: 2 HTTP requests in this frame

Frame: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8C18FCA4F2BB48C474859CACC7DA10A
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 4A4F39E8BF3BF21A790EF546B9C83B4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhiFiObTATAB&v=APEucNWtuRxNELgfKozIF5BQ3nvDkiZX48y6XQQgLOQkGecfOm7bzir-aGCznsB3suaQH2p3YdjuFs3eEjmdh0OiL3gLJHy2yfgcRVekpWNKjk1Fpyew2h7MSmEOy2C6oJi9UQ-qj9Q0d5DiViYkEhCtgVSmx6LJCqrlpiymw4R_nSQlLD5VYIKhi7YwXBvm6ToYumQ5TSyMRzpKf1Q06sfUgb5jluTcEg
Frame ID: E30BCC152E0C776FB6F06A519A97C82C
Requests: 5 HTTP requests in this frame

Frame: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC2B872DB6C854483D8DCCA71EE179D5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html
Frame ID: 75422A9DC7C5419C10C4E312D2A4F11E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2BD58E3AC4B9CD5A0C702A544EEE044D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2687DAE2CDB9ABDC56B7F1367114DFF5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9E1801464463D6717813D0F99BFF2B0F
Requests: 3 HTTP requests in this frame

Frame: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 447C24D6998D8974512E297D75ADF083
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Frame ID: 5AFDCE369782937CB8A210636DD510E4
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html
Frame ID: B0F8D75E6157F9E9008ABE7E9C41D623
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5DC19E8C3F8290F456C5865DEC152F2C
Requests: 2 HTTP requests in this frame

Frame: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 981452B31440004BF70A101D04BC1B80
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGKiD7tIBMAE&v=APEucNUJFAZ3r96uUDgJQx3LD9R4lI_uSPj1a1ROtavFs3FZUkvY3cdQGE7liI9Une-nTIEaE85xZsQaYhKexGAGi2cMIINp0z2W7KbYvPHD9E_uCGWbBLWjkwKsD8ci6SaTaIEkUbi2NLkoDg-v9FYlqmwjNfB6LP49EzaBoYUW4pXoJFeQcPcc0ewgxj4xub24PUufALpU3uOa_Rz0RXJZkqPbklvLsQ
Frame ID: DBE00A119214628BC08DCF5AEEB2B975
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4FB5B00E41A66556F97B95C96804B69E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 6849E3E4220D7AA3756EDF4D59791130
Requests: 1 HTTP requests in this frame

Frame: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 603820AE0F80D3BF539330779161108B
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 27EE8BFA691E92CF393179852A7122AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html
Frame ID: 0B7609830305D95B4BEBE6452FC2F424
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C16C79F533FD7C790868C1BF1C3E9184
Requests: 2 HTTP requests in this frame

Frame: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D929D9100F2B0808B25DE3C05CF28275
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDytckCGMutq8oBMAE&v=APEucNX1EksdUfwjepo0rW_xuO5yvJf3-KzbviVwy5kUl61Cah3ILKMiSDYSWP76ictaMgDzId0ocyGxZpBJEZbndArSPhgAOZKo0_EximpS8SRXeaGdnDkTme0zCEeN_lgGFoWFHN3S8mZ1yL_m41-dtQoq5QvuRO6sM0W5ceD5ZmvBZNpRXQbnzYcmj7VcKqhSuN8efneoHVVnaN_GyN3m-KfeVOC1Dg
Frame ID: 571857F44CF3D612AB3F7C742AB2E28C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08ADDDCED05A9783E5602CA160E81BC4
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: 6451132BAFB5B1C7257FCE2A6F29A95A
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BCCB513E2E6E8617B678EB6F55E793AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5F9BB7E83F5813C0B4CA003577DB2902
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6DDFFDEF18BC51E962139F1EE49F5F12
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 134505747F26171207116239267845B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18FB576E2AFF6B65832497112CA45BC6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7065A2B6F6621BAC8FAFFBA10D3C18E9
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 353C2AEC6190CA391624EF3A51837D57
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 03FFAFFBFC8BEBA4CFFEE953D72EF036
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: DEDDC3EFA444F488B7F9EDBF9EBB0B17
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: CA634AE22DAB256E9C4133F030B3A48F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: C11879773ACA8AE16312A463D772EC26
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Frame ID: F2F4B92086BF8ED48D9C1E1589012BBF
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3E91D615D6D2ADC23BAAA8C2ED4865DA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: DB4DD013707673920376D82BD8518AF0
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Frame ID: 8070CD516D4FE1E0279ADA0BF9A7C9AD
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 2E57B908FC6B4BC2B372E57CD08B782F
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Frame ID: 6C659EB003DB05C236D74640DC1D6518
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6B6E55F0FF2DC36889B79525BDBBFB5B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BA9DC7A9BC37219EDB188288614A4DD0
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 30EC44AA32741E97DDF940023CBD0AA7
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 2DD0FC59C85CC06F535BF67CE8A1C551
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: AA6E8360BD6741EB060871E2804C23A0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 396515B3403304364B6EEB680EA7F5B8
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Frame ID: 2EDEC5E035FE1D84B88A7C67CE7CB6CC
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Frame ID: CDB6F2CFB66DC2B1B5A456C30F9E2D09
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664160293259&gdpr=0
Frame ID: BBB655741C238D5460B79A3FF2F0A0E5
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 0D9B6C9CFFC3BBA1E3DD1B33C906722F
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664160293260&gdpr=0
Frame ID: 1211312F9624861A431EBCB3CC28BFA2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 8D978E1016EA616F2F4F34EDED163A33
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664160293260&gdpr=0
Frame ID: 62D9275CF22DC168ED4A1968F5C13D88
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 5777743C7A474B3AEEDD4FD2C90EA3E2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 417E0085B1BFEDEF3A3D00316DB7C12A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1A31D61EF9FAED3E5B6A10725883CC4A
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 294F09B6CF1979A53EC9929F7C52DB99
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1FA7993BE942E7AAB28B6F5478E74F9F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: F52CCF5677CF284E43A90708D896D2AE
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 64E829CAEF1F0E52AF9DF25F294E2E19
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 80813046D36442022FABA937C7AC159B
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 560216D79D5F51A42E166C2C15B596E9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 61E7A7D1BFE3BB9A3F4CEC95503DE3B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: CB84B274DA2264700AFBBA2125923BA8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 76E58F7EBB8287593068A7F3CF123265
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6786158E716B947D531B0DA809F40B75
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 10AB40B64FBB6645D87E0323262F8CB6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 81AE22A1D094AC040749E3A88B44D459
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 9C5182D3E086D5685D86D8E6E620DB76
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 3C880C92D7E606C30074A7E8DC29D7CA
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 5A3E54F7172E4B8A6F85318022654E3E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: A7E99227C20034F415CCE20B5335698A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1F44337FCFE1EB26AADCBFBEA434F586
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 098C713203205E9016306B50BE8A19BE
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3AACD8EB801D87ABC2D2D6CA52262E35
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 54CD02601FBF6C9DE70226894B38BDD6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 6C40CEB4B008996445F9FEEE136ECED5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 0E14E898FF718622691CC5602D66D140
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subject.com.ua
Frame ID: 6ED887B909A428A23EEC9826E1271766
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 194E93ADD9E0581918165B0B1560BDD1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5D853E757362CEEA749F53944CA2A12
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 6B377362D598012016C2E75CA0FEECC2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Всі предмети - Великий довідник школярашукати

Page URL History Show full URLs

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

669
Requests

86 %
HTTPS

37 %
IPv6

83
Domains

133
Subdomains

96
IPs

18
Countries

10653 kB
Transfer

19327 kB
Size

87
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 153
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDJTdsg0lzv6LM0053132g&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDJTdsg0lzv6LM0053132g&google_cver=1&C=1
Request Chain 166
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzESJp1EEpzspvY4fjBjuQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyNo8wuEwiTAd4SdGlrusg&google_cver=1
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBsV8mwQcxB_wkwiEdaxH80&google_cver=1
Request Chain 168
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Request Chain 188
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAOwCGF7WoS7h70KPQLBWT0&google_cver=1&google_push=AZmPxg_QWcN3ZkSbjRTbvtbwy6JWo3eLW-FAKEMZNmqnUjS5cMQS7IANnhkIyqZY1iXO9yO2RxZFXqMN2Buz6Jvwyo2lC7pKFnr_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_QWcN3ZkSbjRTbvtbwy6JWo3eLW-FAKEMZNmqnUjS5cMQS7IANnhkIyqZY1iXO9yO2RxZFXqMN2Buz6Jvwyo2lC7pKFnr_
Request Chain 189
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENmR2cAqhv31p7g9KVeNz8k&google_cver=1&google_push=AZmPxg-JNfrjTRnjvQ89VSyJXbsFwlsN8ct-nc7oGoeQ9ZjUol9tWj48-3MdAarHb8h66uQOkLLe-OvTVWDelKvMch66ZMS9X8Tu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg-JNfrjTRnjvQ89VSyJXbsFwlsN8ct-nc7oGoeQ9ZjUol9tWj48-3MdAarHb8h66uQOkLLe-OvTVWDelKvMch66ZMS9X8Tu&google_hm=ebbFj_tVSWClo9LOt85vCmk
Request Chain 190
  • https://fksnk.com/cs/google?google_gid=CAESEOg2subNiJCagvZZMa1hRwY&google_cver=1&google_push=AZmPxg-3EA4mlHT29kWF1eiWC91-QLE_49nE2XcyJf85J5nsbR_e25zzoh3QPu9WbZTrU4FDR1JHuryBMdUkWTEl67Q0pRvy-eFx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qjc5MkQzMzBDRjNFMUFFOA==
Request Chain 191
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFj715093N2zNR9_eW11iCU&google_cver=1&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34EaG9i8NHmS0Q HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFj715093N2zNR9_eW11iCU&google_cver=1&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34EaG9i8NHmS0Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34EaG9i8NHmS0Q&google_hm=4GYj3gzHQIueJPCsbHgYLA==
Request Chain 192
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEH2HTbImuvpuANoUIEoDNOE&google_cver=1&google_push=AZmPxg80LGjavycOxymGREZKh4Hksy-s4vWJ9USOxOFa7c9H5VK_D36cZzwEgP3Rbyfarl8ja78nU1zOmRPQgsP0jD3Ac7k0sf9o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg80LGjavycOxymGREZKh4Hksy-s4vWJ9USOxOFa7c9H5VK_D36cZzwEgP3Rbyfarl8ja78nU1zOmRPQgsP0jD3Ac7k0sf9o&google_hm=ZzNjNGI1YWZlNDI4NDU3MDBmYjc=
Request Chain 201
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 233
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
Request Chain 244
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECu9kE0Zxt-r4mmF-sMU37k&google_cver=1
Request Chain 246
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Request Chain 267
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1168448/65593785/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2364d187-8cc3-fdb6-254f-f711c7ac0949,c:phInrw,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-npc5t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:33c94737-3d45-11ed-955c-e25dcf8dd2de,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 290
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
Request Chain 303
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJFsG76ByZPNX36RriDJAmc&google_cver=1
Request Chain 305
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Request Chain 329
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1042432/63102463/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1,c:phInCe,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-kr5b8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tivl0nV+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:340e180c-3d45-11ed-a8ae-8a38821fc46c,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 347
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA9iUBOZ3OueIUnj2EGM1EM&google_cver=1&google_push=AZmPxg_hfR1YywBb3fvtXbl7BdP6Ni24p9S38fP2b5-iIyIxKk_xwmSLP1ENbHpYftRQpZDigjgx5LPOkV86hdmSZDYoPIO5vs4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_hfR1YywBb3fvtXbl7BdP6Ni24p9S38fP2b5-iIyIxKk_xwmSLP1ENbHpYftRQpZDigjgx5LPOkV86hdmSZDYoPIO5vs4&google_hm=xKv-Y-Rl1-cWwOCa-RGFqA
Request Chain 348
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI9kXznQJ-88CydFI_rvg9c&google_cver=1&google_push=AZmPxg9oP9O9g3cS3cYNHfvxN69miklzRC--mTJtSmwTiR1yqGYXuujcsyLe_7MW_T1kkrIfPYz3qoMndA1bbIt7H1rR2rGqJQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9oP9O9g3cS3cYNHfvxN69miklzRC--mTJtSmwTiR1yqGYXuujcsyLe_7MW_T1kkrIfPYz3qoMndA1bbIt7H1rR2rGqJQI
Request Chain 349
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJlL3nhUgmAswWi07-Ip1g8&google_cver=1&google_push=AZmPxg9wrMEtSOwjaawDCwZk6IEaFzVzku6cV1q5TMntMDKryJ6c0cmgcUqt7Q-DGYCzgK-sDe8S-dWVTz3uk5BxQ50t53sikKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9wrMEtSOwjaawDCwZk6IEaFzVzku6cV1q5TMntMDKryJ6c0cmgcUqt7Q-DGYCzgK-sDe8S-dWVTz3uk5BxQ50t53sikKA&google_hm=ZzNjNGI1YWZlNDI4NDU3MDBmYjc=
Request Chain 350
  • https://match.360yield.com/match/ebda?google_gid=CAESEGJU9whwnkatVSpFJFoMODc&google_cver=1&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1R0WBn01Mqe-Q HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGJU9whwnkatVSpFJFoMODc&google_cver=1&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1R0WBn01Mqe-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ETNtlB6_SCuJF-uilPLE4g&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1R0WBn01Mqe-Q
Request Chain 351
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGBtWLkkO9uoaM1wYXnhVIE&google_cver=1&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHccMA4KoZBhsH3B6waWWH3DmbxhPi4BPet7-RA4HgITmMc HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHccMA4KoZBhsH3B6waWWH3DmbxhPi4BPet7-RA4HgITmMc&google_gid=CAESEGBtWLkkO9uoaM1wYXnhVIE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwMjQwMTgxMTU0NTYzNTg3NjA1MQ%3D%3D&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHccMA4KoZBhsH3B6waWWH3DmbxhPi4BPet7-RA4HgITmMc
Request Chain 352
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEK0S7VUZ01RGMP4NrnuRWsk&google_cver=1&google_push=AZmPxg-LVUsdqs640FDWKU0yZCuXplbOTCmWN2oCIn6ztaJRRnRB5HRDzgNATI_x-qTeEUJQbWLxuCIP0I7bA5GZrItU_4gYiAs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-LVUsdqs640FDWKU0yZCuXplbOTCmWN2oCIn6ztaJRRnRB5HRDzgNATI_x-qTeEUJQbWLxuCIP0I7bA5GZrItU_4gYiAs&google_hm=WXpFU0tNQ284WFVBQUZhM2dEb0FBQUFB
Request Chain 353
  • https://an.yandex.ru/mapuid/google/CAESEIcJyGfi-4TBBmVGiQ-rNyA?ext-param=AZmPxg8aeFKoKeFyZFgQKVgJPxZKqbGSisQ5BewSPYlEH8jQ22JLk7XonJRcaSXIgHud7xhbc0toRLMujk-FKbTzZgD_uSL1uQRO&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEIcJyGfi-4TBBmVGiQ-rNyA?redir-setuniq=1&ext-param=AZmPxg8aeFKoKeFyZFgQKVgJPxZKqbGSisQ5BewSPYlEH8jQ22JLk7XonJRcaSXIgHud7xhbc0toRLMujk-FKbTzZgD_uSL1uQRO&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIcJyGfi-4TBBmVGiQ-rNyA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 383
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK-HBnDCeG539kGX81YIOPo&google_cver=1&google_push=AZmPxg_Surf1Xw3LJPGKXTl_l_J4COKWqaZweP3pdbd_VFPyntseN6n53YgfxRZcn3jV_1Dh6plkB-M-xogC7BwN2X0BfpDqztY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NzUxNDA0NjYyOTg2OTcyMA%3D%3D&google_push=AZmPxg_Surf1Xw3LJPGKXTl_l_J4COKWqaZweP3pdbd_VFPyntseN6n53YgfxRZcn3jV_1Dh6plkB-M-xogC7BwN2X0BfpDqztY
Request Chain 384
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJWxYPRnTpK8j2DvXhemsXs&google_cver=1&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavTbV3PJI HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJWxYPRnTpK8j2DvXhemsXs&google_cver=1&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavTbV3PJI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavTbV3PJI
Request Chain 385
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEED6_W3LytHbIr8q3MMx5pY&google_cver=1&google_push=AZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1664160296417 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2a8c9f64-b67b-4eab-bb59-792ae37e9ec9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo%26google_hm%3DAyqMn2S2e06ru1l5KuN-nsk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo&google_hm=AyqMn2S2e06ru1l5KuN-nsk
Request Chain 386
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHOMzdFJEZetlxKtHeJaGdE&google_cver=1&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSoWkfj2eEwuGOmmvMvuTawG1kEs2OJcVE9NkfcQc0UAzx HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHOMzdFJEZetlxKtHeJaGdE&google_cver=1&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSoWkfj2eEwuGOmmvMvuTawG1kEs2OJcVE9NkfcQc0UAzx&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MTlNzclQ5RTJ1RmR2MVNwQVR2SU5GVVBZenR4SFROZ35B&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSoWkfj2eEwuGOmmvMvuTawG1kEs2OJcVE9NkfcQc0UAzx
Request Chain 387
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEbA530otz2HynX_DFIaUIE&google_cver=1&google_push=AZmPxg-MsYyq6UlcrQpGwFcdOvl9w51gvGxqFR087ZmHPtJEcT4TyyKvGdg9GNfsxrybDYiWJMtfQhl9rKbLJbOeOD-2tknSIRE HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEbA530otz2HynX_DFIaUIE&google_push=AZmPxg-MsYyq6UlcrQpGwFcdOvl9w51gvGxqFR087ZmHPtJEcT4TyyKvGdg9GNfsxrybDYiWJMtfQhl9rKbLJbOeOD-2tknSIRE&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-MsYyq6UlcrQpGwFcdOvl9w51gvGxqFR087ZmHPtJEcT4TyyKvGdg9GNfsxrybDYiWJMtfQhl9rKbLJbOeOD-2tknSIRE&google_hm=V1VRRlNuYk14ZGE0SUFIdldfcnA= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 399
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=owS2-nx3OFZMckZvMm81RjRKeE8xWkVidmxSV3JUWFNleU5PUFhWRy9hSERja2JTNXBoUUxrYllJTmRzYVNPMFBTUThic0V1RVQ5MmpMTTB1NFpDOWlTdUt1cDRFSDlsNlVka2dYVm9CSHUwdkVjeFl2VERIM3JyUzMySnoyZ0x0aXZtK2QxWlo2RDhrNzVJYkxESFVuRk1OYStscE9uZE1KamhKdG1aT0RRR0hOd0hZVDByZy84NWI1ckpYaGFURk1nN0xEWXNUU2V2ekVBMk41YWpaSVFpRjlxeTgxQkVVTkJ2MGhMYmNSazdzM0EwPXw&cppv=2
Request Chain 426
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6917600745892463824
Request Chain 428
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=e06623de-0cc7-408b-9e24-f0ac6c78182c&google_hm=ZTA2NjIzZGUtMGNjNy00MDhiLTllMjQtZjBhYzZjNzgxODJj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKm8w-TEMAq3T9qEs0esAEk&google_cver=1&ssp=vidoomy&bsw_param=e06623de-0cc7-408b-9e24-f0ac6c78182c HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e06623de-0cc7-408b-9e24-f0ac6c78182c
Request Chain 429
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined&verify=true HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A&gdpr=0&gdpr_consent=
Request Chain 436
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Request Chain 439
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Request Chain 440
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Request Chain 442
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Request Chain 445
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 447
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Request Chain 448
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Request Chain 449
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Request Chain 451
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Request Chain 454
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 456
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Request Chain 457
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Request Chain 458
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Request Chain 460
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Request Chain 465
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Request Chain 466
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Request Chain 468
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Request Chain 471
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Request Chain 473
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 478
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 482
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 491
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 495
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Request Chain 496
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Request Chain 499
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Request Chain 501
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 502
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Request Chain 514
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
Request Chain 518
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Request Chain 520
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QArlPZha1OCE775
Request Chain 521
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 523
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 525
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Request Chain 527
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
Request Chain 528
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3713660117584974244
Request Chain 531
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6917600745892463824
Request Chain 532
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 534
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Request Chain 536
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3641602523547046308
Request Chain 537
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=affc6331-1228-4900-9a95-acf8014d3840
Request Chain 539
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAA%264457 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e571765c-1bc4-46e1-b564-96826d2ccaaa-tucta2a97a8
Request Chain 541
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YzESJrEZEq9GDHQcFbh0DgAA%264457?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YzESJrEZEq9GDHQcFbh0DgAA%264457
Request Chain 543
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Request Chain 544
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3785717711622902180
Request Chain 546
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0a116331-1228-4d00-bbfb-d71d749eeb74
Request Chain 547
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
Request Chain 548
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=efaa6146-b310-41c1-8920-71aa658bd3fb
Request Chain 550
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Request Chain 559
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664246697
Request Chain 560
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7066546449786629330&expiration=1665369897
Request Chain 561
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ctnVLnXY1Clp3IB7d9LLfnLT0ipp0tZ5IIh7cNe2
Request Chain 563
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Request Chain 564
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
Request Chain 565
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e06623de-0cc7-408b-9e24-f0ac6c78182c&ssp=index&gdpr=&gdpr_consent=
Request Chain 566
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
Request Chain 609
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=subject.com.ua&sn=ChromeSyncframe&so=3&topUrl=subject.com.ua&bundle=ePR3XF9TUHA5MWkxbHh3RlNjUEttZW91cWdQZWsxdG12cVY5R1JKZDAwSWRnJTJCRlYxJTJGUW95amp3SVhIWFZmaVJnT2cyVyUyRkkzcXR3UnZuMk14UmFkZUt0bk0zZ0twSlVKcjM2dmFjd3NXN3d2ektUJTJCZHJGNFhac3RPUmR5d3R2a2YlMkJLJTJGMw&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=G058LHxrcTNTRFhkMXZOUHBHTStrUktQODlOZmt1VWREWkNmOVJEYzgxaWFZdVMzcFFDRjlkRllVeitnK3IvckxqSWJySldTbGU0UlFZdXFFdzFYY2lMMU1WRUhmWXIwVHRLZVQ1OENTd3dicUR3aDAvQ09sTDJvRGdlZTJNWFVpNjY3NnRPTEhoQ21TbXVIMnFMcmJvL3hWMnlXYnpuQkRzbjF4RFlEYU01S09iaTkwNzJZWm5McjNZZnJUWC9DVHZCYVdsYndRc2FkSlRDWU56TWxyZzZ0VllvWVpYbjdyS1pEcmg1aUJOSVh6RGpzZDhLSkVlZmp4UFBZQVhsOEJWUXQ5eEVRak4vTlZINXVkSWNNOFJubG1SeUxiSTA5cUU1VXhKV3RFWWdMQ3hpRT18&cppv=2
Request Chain 657
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/subject.com.ua/ROS?rnd=0.7768029918170243&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_criteoId=HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE&e_pubProvidedId=%255B%255D&e_pubcid=bf4fc228-2d77-45c2-aebd-998e30fd76fb&e_uid2=%257B%2522id%2522%253A%257B%2522criteoId%2522%253A%2522HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE%2522%257D%257D HTTP 302
  • https://pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.7768029918170243&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_criteoId=HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE&e_pubProvidedId=%255B%255D&e_pubcid=bf4fc228-2d77-45c2-aebd-998e30fd76fb&e_uid2=%257B%2522id%2522%253A%257B%2522criteoId%2522%253A%2522HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE%2522%257D%257D

669 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
subject.com.ua/
Redirect Chain
  • http://subject.com.ua/
  • https://subject.com.ua/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
c138289957b80cb663a620eff0a1604be0142d84f1598f28f81a23b8af28b8c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, s-maxage=10
Connection
close
Content-Encoding
gzip
Content-Length
4165
Content-Type
text/html; charset=utf-8
Date
Mon, 26 Sep 2022 02:34:20 GMT
Server
Apache
Vary
Accept-Encoding
X-Mod-Pagespeed
1.13.35.2-0

Redirect headers

Connection
close
Content-Length
231
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 26 Sep 2022 02:34:20 GMT
Location
https://subject.com.ua/
Server
Apache
style.min.css
subject.com.ua/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/css/style.min.css
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:34:20 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Nov 2021 09:42:02 GMT
Server
Apache
ETag
"15dc-5d1c205107e0e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
close
Accept-Ranges
bytes
Content-Length
1430
97672d69-12a2-43ea-9222-362234514ff0.min.js
cmp.optad360.io/items/ 		258 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
last-modified
Fri, 15 Jan 2021 12:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
W/"c7b5c09d2b1684bb417714719df59bd9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
yJ5HPqSbT1w8nOfCrh9cIaT0IyPHDxE-Oa4j71grhhIOgBPy3qCTwA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c416915427342ac1a251c425798317daa8a6a33445fa0b46588b4292f6d8df19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58162
x-xss-protection
0
server
cafe
etag
8530888365763189549
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 02:44:52 GMT
dev2pub.js
tag.eu.dev2pub.com/ 		102 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
33797c8ad76837a6437df8b58d028881706fe1d5a851880c24dca125a35ccd04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:52 GMT
Last-Modified
Fri, 16 Sep 2022 15:30:17 GMT
Server
nginx
X-IPLB-Request-ID
D98AC469:A6CC_335B3C26:01BB_63311224_14A4657C:10DBE
ETag
"63249689-1969d"
X-IPLB-Instance
42215
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
104093
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a87695c44f101f0ca8d5eb45ed5a670d36f6ae31b81df1b97ab0850b6ae53ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42288
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Sep 2022 02:44:52 GMT
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
344f5f4920b083cf07c3fd52478dc7d768c15bf776251d31b0e4bd26da0f3091
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3509
x-xss-protection
0
server
gws
expires
Mon, 26 Sep 2022 02:44:52 GMT
plugin.min.js
get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/ 		267 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4419aae3c6d7ac5591ca891844b14a4443107883cb4c30b1563c83abcf3fc02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 12:10:51 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 12:10:31 GMT
server
AmazonS3
age
398042
etag
W/"555dbb30b4f895f012436b3367155765"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
gO8QqPpRkQA3-1oq70qQJ_-6x9GjXAiWjoiUInp4LNmEnzUAwr5jKA==
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc8
date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-26T02:42:29+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Tue, 23 Aug 2022 09:45:59 GMT
Roboto.woff2
subject.com.ua/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/fonts/Roboto.woff2
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/css/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e

Request headers

Referer
https://subject.com.ua/css/style.min.css
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:34:20 GMT
Last-Modified
Wed, 04 Dec 2019 15:02:31 GMT
Server
Apache
ETag
"6d84-598e21a197121"
Content-Type
font/woff2
Cache-Control
s-maxage=10
Connection
close
Accept-Ranges
bytes
Content-Length
28036
vdo.ai.js
a.vdo.ai/core/subject/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/subject/vdo.ai.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d716f37b664afe964ed94764c22d8dc938c382b425627731ccb48f3c60b5d5d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
via
1.1 varnish-v4
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
vdo-server
Tag2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish
52639119 48613891
last-modified
Sun, 25 Sep 2022 22:17:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSiTAsT7sQvfdTipoDiXu5YEgkRzr8M9OVwJ0H%2BtflAvX4l%2BBxTzIQWN%2BuGU0cr78N1B7NwQE6NNQVEMq6mQMx1NiS54tA54KAxy%2BhudFb59aQEzMtcTAIEmXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7508a907f8597318-LHR
cse_element__uk.js
www.google.com/cse/static/element/fd562c898514f252/ 		306 KB
306 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/fd562c898514f252/cse_element__uk.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c77d76b79ca5c885e274de881b3e76eaafe89137c60a80e65039e0662481b223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 22:42:45 GMT
x-content-type-options
nosniff
age
446527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312833
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Sep 2023 22:42:45 GMT
default+uk.css
www.google.com/cse/static/element/fd562c898514f252/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/fd562c898514f252/default+uk.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 22:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 20:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 22 Sep 2023 22:51:16 GMT
espresso.css
www.google.com/cse/static/style/look/v4/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/espresso.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1538
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 26 Sep 2022 02:58:41 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/ 		347 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f90f6220d05433b54f896f59a8a96090d81e322094630619951b2b4c5859cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125283
x-xss-protection
0
server
cafe
etag
9566223732741280094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 02:44:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame 7F5D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
14119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 22:49:34 GMT
etag
9671129459699598864
expires
Sun, 09 Oct 2022 22:49:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5335
date
Mon, 26 Sep 2022 01:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 26 Sep 2022 03:15:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da80d5d67e564e0aae877774fdfc2f5c921f2f1704be1267513ca165728130aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27831
x-xss-protection
0
server
sffe
etag
"1345 / 455 of 1000 / last-modified: 1663970755"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Sep 2022 02:44:53 GMT
prebid7.4.0.js
get.optad360.io/sf/ 		489 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.4.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
974e273832eda34a4be17276099fc4b24df1c01ce07fcd52e89d8a023dd1c4f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:42:08 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 07:01:35 GMT
server
AmazonS3
age
4050165
etag
W/"a0bddabb480a5fb345c76e9ee90ca693"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
8_7f3G_GebzSYPsKka9P_n9Zfsd9IUBfMSle75lMau2TG9JJxC9BiA==
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:32:54 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
age
20005
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
8KaX9Y7gV_p7Z1O_LLqxIq7JqKrDP0cm9L6442sahpSO65sPV4RW4Q==
GetLastCurrenciesRates
api.eu.dev2pub.com/api/public/Dev2Pub/ 		423 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/GetLastCurrenciesRates
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f74c6caba42a81bdad72569c74774db1d2151c53f9accd5eb6a9fb96169588a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:53 GMT
Server
nginx
X-IPLB-Request-ID
D98AC469:A6EE_335B3C26:01BB_63311225_14A5CC62:26F3B
Content-Length
423
X-IPLB-Instance
42214
Content-Type
application/json; charset=utf-8
cookie.js
partner.googleadservices.com/gampad/ 		218 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=subject.com.ua&callback=_gfp_s_&client=ca-pub-2062463022593482
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d09acff1aebb2843b5141bec320d21bc6ab46c42cd59f3ed36aba7622e28449c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CCBA 		143 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&adk=1812271804&adf=3025194257&lmt=1664160293&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsubject.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292899&bpp=2&bdt=393&idt=150&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6039425552057&frm=20&pv=2&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63c2f299c614b413590ac50678d5d757d40a37def81f91449af6868af85f569e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
47019
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Mon, 26 Sep 2022 02:44:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CC16 		86 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c1923c63e2f4e4b406f308d646d2d8cab65b9ba45f5e50e2b37b4c008efbde3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31668
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Mon, 26 Sep 2022 02:44:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220926
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5fad4eaf43197bd1a013863815cb39fc56a3ce2332a93f518e7bd77154c3a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42234
x-jsd-version
1.0.1474
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19151-FRA, cache-itm18849-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-w41ZYyLlo5ripo3jotvDeZoD5rM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iA9KMqafCbYOb8eNBcxrtiMZuXesDvR4iE8iZPLGUoCjezd6W4tsM2F69nxLNdBl0kNm4EMotIkyMdaqbmLnAzb7oR2eRXVZ3UOo8J6NJc1sTtRTeImc0Ue%2BVmA4OK%2BbAMEPURVoPhUW19pWzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7508a9087bfd76ff-LHR
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000e0463ebdeb9f3567:bc28d2f01e5a148e:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=93591429678
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
913c23970520582ffcd03c13e3ec65a8630a4465578623a9839a1eec59c6cf4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:53 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
cd94c2a1-5919-4da5-85f7-2d5117aac960
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664160292979_na9zo9gkz&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=101f0dfe339dff4&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
c
prebid.a-mo.net/a/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
0
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9088a1471e7-LHR
access-control-allow-methods
POST, GET
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
39004ca64603aa9cb9cf7ecfa6e098bae5d1bddaa548d4084a1dd13041c30287

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
c499f5081ece3f1e8387cbc52a49d16ce5678a4ef7e572ba8ad30911d2b9d5a8

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5348eae4e481d978edd98af71ea349806beaa0776feed08ab16da89c1c0a4e66
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:53 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
02e13170-d072-436f-b84b-396475266664
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664160292981_v0an47q8d&w=970&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=32e2b94b94969a6&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
000000000000000036616fe3fe0e0614:5c547982716b5a25:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=81249850719
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9088a1771e7-LHR
access-control-allow-methods
POST, GET
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=3167982892
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
c072267249edc4bf604fbfd5d25ebdc7ee6fd5197ae71ba6a0dab9a68dbda7f1

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664160292982_apj946ju8&w=120&h=600&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=54267c0ec45c842&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f68dd1ca6db74cf62629f34befff8a40bc9b3e6230af4788b4dd579a762291cf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:53 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
f1ec90e7-b281-408f-9f2c-3b50a391ec9a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9088a1671e7-LHR
access-control-allow-methods
POST, GET
/
ssp.wp.pl/bidder/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000d2ec991b86f2a1e6:57c60364e014d14f:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
0
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664160292980_o25jql1qp&w=970&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=70ff0ab34a7d3f9&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b4f8aa73b2b0dfd39325e5e98bf17051f920d6a088e53c11792de093f3bf92b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:53 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a2ab72aa-871e-48a6-b4f6-ecffd8328859
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000d44e013655ba4cbe:5d2fd1019fee4692:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
openrtb
adx.adform.net/adx/ 		0
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
pbjs
useast.quantumdex.io/auction/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9088a1571e7-LHR
access-control-allow-methods
POST, GET
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
d05979472753e915330fa42f7553f32639dd6eaad4b9e8ac4ae8d158340161cd

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=51588588300
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
c.html
cdn.admixer.net/scripts3/49044/ Frame 422A 		738 B
542 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Mon, 26 Sep 2022 02:44:53 GMT
etag
W/"63049f42-2e2"
expires
Mon, 25 Sep 2023 06:23:34 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-09-24T06:23:34+00:00
x-id
fr5-up-gc8
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/49044/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc8
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:56 GMT
server
nginx
etag
W/"63049f40-5d41"
vary
Accept-Encoding
x-cached-since
2022-09-24T06:33:20+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 25 Sep 2023 06:33:20 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/49044/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc8
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:45 GMT
server
nginx
etag
W/"63049f35-12c39"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:35:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:35:59 GMT
async-ads.js
cse.google.com/adsense/search/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/cse_element__uk.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc69152cba66affa5143a503a688298672179fe645c91e0e81762452400c0bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"3361183995822507346"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:53 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/fd562c898514f252/default+uk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/cse/static/element/fd562c898514f252/default+uk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 05:46:24 GMT
x-content-type-options
nosniff
age
421109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 21 Sep 2023 05:46:24 GMT
generate_204
www.googleapis.com/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=251655650&t=pageview&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1829216805&gjid=859960144&cid=2035559868.1664160293&tid=UA-1099121-7&_gid=2021730375.1664160293&_r=1&gtm=2ou9l0&z=344422260
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 25 Sep 2023 23:53:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		368 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166
x-xss-protection
0
expires
Mon, 26 Sep 2022 02:44:53 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-40
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ee52169ce707e5ee18d4c08c711438c3f2af99539684fddd10988c91de48adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42210
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Sep 2022 02:44:53 GMT
destination
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=UA-113932176-40&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b26d2199f9280f668d56bcdac4ab6d2e514f799066062cd46fd77ad8ed7c430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42304
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Sep 2022 02:44:53 GMT
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:53 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
vdo.min.js
a.vdo.ai/core/dependencies_hbv4_latest/ 		409 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d191188a675a25eac4fb99febdbdaa6d5ac9a0910a55aaa06e9534299e1c0048

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
via
1.1 varnish-v4
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7508a90b3abf7318-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 22 Sep 2022 12:24:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fT3UvNPjdwzkEeGUdYjCqM%2BR9OQ12r8V90nZnLQhbgCWorUNWQZ3YiTEh5d5i5M8IngKaOFbtDhhcazjmShgawQ%2BjeJ24ZFuoP8SC30cwHJh4gJpWnOVnczhyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
51542001 47861490
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		378 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/subject/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128888
x-xss-protection
0
expires
Mon, 26 Sep 2022 02:44:53 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1099121-7&cid=2035559868.1664160293&jid=1829216805&gjid=859960144&_gid=2021730375.1664160293&_u=YAhAAUAAAAAAAC~&z=166607279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Sep 2022 02:44:53 GMT
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664160292979_ygm46vbhx&w=336&h=280&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=9293d7fbe8495a8&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000087d770b8b6c96eb:7db9cff75e283c13:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
4a2e7adb8dda36879e256616f55d90f5336e92a9c90c41b1dddadc2700c7b895

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e5803f6fc5b116f01905cf0f565285a7f44a6c03a84cc624091d3e279a125e93
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:53 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
4e3796d6-f0e5-4b9a-a077-efd0c60fe57f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9099a9b71e7-LHR
access-control-allow-methods
POST, GET
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=54628627165
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.4.0&cb=61552868148
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.44.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sundoro
Software
/
Resource Hash
b9d099071a1b30f035d938d45118b8ad84c2a031a17adce8f0a3c5e66d01d4bf

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1192
expires
0
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=35361&adtype=banner&auc=oa-360-1664160292981_o4x42li8f&w=240&h=400&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=116d1f40fca29611&schain=%5Bobject%20Object%5D&bidfloor=0&d=subject.com.ua&sp=https%253A%252F%252Fsubject.com.ua%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
23
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://subject.com.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000007130b158cafb55f9:9073e4e01fe494d5:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3eb65a9f3878a4e59ff64a9884b6ba68eac5ac115f219a0244605636f735cc1f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:53 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
556bdf46-e034-4197-b37b-9700feb18655
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
useast.quantumdex.io/auction/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a909aab271e7-LHR
access-control-allow-methods
POST, GET
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/reactive_library_fy2021.js?bust=31069778
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c31d2aec8f4dcf2725f8c7f4a89cf07e1e76322f2d4f89fb4fd23383b8f829f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54614
x-xss-protection
0
server
cafe
etag
11408739422321100175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Sep 2022 02:44:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-2062463022593482&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670890927833525&correlator=3847107936865510&eid=31067825%2C31062930&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=3&adks=860533900&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D25bba7b959468ccb-2298297b2fce0067%3AT%3D1664160293%3ART%3D1664160293%3AS%3DALNI_Mb-xQC-VtWQeLOP5TsE9MKUFw_bIA&abxe=1&dt=1664160293487&lmt=1664160293&dlt=1664160292506&idt=953&adxs=1410&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=120x-1&fws=128&ohw=0&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a571850722f024f59c757b7070ebfe50f1fb99118a7aa36c4bf8221d28ba7dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9922
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670890927833525&correlator=3847107936865510&eid=31067825%2C31062930&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=4&adks=2394081568&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D25bba7b959468ccb-2298297b2fce0067%3AT%3D1664160293%3ART%3D1664160293%3AS%3DALNI_Mb-xQC-VtWQeLOP5TsE9MKUFw_bIA&abxe=1&dt=1664160293494&lmt=1664160293&dlt=1664160292506&idt=953&adxs=315&adys=2360&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a76bbdf551f86768c8e902c1379e1c9bcf389824b77b9e148d5fc81190936ffa
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPHXt5m4sfoCFULYEQgdaq4Hiw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7190496471749427572/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPHXt5m4sfoCFULYEQgdaq4Hiw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7190496471749427572/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44531
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 26 Sep 2022 02:44:54 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670890927833525&correlator=3847107936865510&eid=31067825%2C31062930&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1200x300%7C1000x250%7C1000x300%7C1000x100%7C580x400&ifi=5&adks=3250874430&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D25bba7b959468ccb-2298297b2fce0067%3AT%3D1664160293%3ART%3D1664160293%3AS%3DALNI_Mb-xQC-VtWQeLOP5TsE9MKUFw_bIA&abxe=1&dt=1664160293497&lmt=1664160293&dlt=1664160292506&idt=953&adxs=315&adys=28&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=640&ohw=0&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
743a2dfd05453eaf71abf122ce433061f98dcb32a09526676d0a0c808160e3cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11070
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670890927833525&correlator=3847107936865510&eid=31067825%2C31062930&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=6&adks=1740042516&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D25bba7b959468ccb-2298297b2fce0067%3AT%3D1664160293%3ART%3D1664160293%3AS%3DALNI_Mb-xQC-VtWQeLOP5TsE9MKUFw_bIA&abxe=1&dt=1664160293500&lmt=1664160293&dlt=1664160292506&idt=953&adxs=636&adys=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d79c41895cddfe42989650e3c50cd639773d6c39d3a78e492cd3a17d782a5041
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLr0ppm4sfoCFVZB4AodeG8Asg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5605097281663783594/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLr0ppm4sfoCFVZB4AodeG8Asg&gqi=&layout=/sadbundle/%24csp%253Der3%24/5605097281663783594/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44273
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 26 Sep 2022 02:44:54 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28D8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Tue, 26 Sep 2023 02:44:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1099121-7&cid=2035559868.1664160293&jid=1829216805&_u=YAhAAUAAAAAAAC~&z=236142441
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1099121-7&cid=2035559868.1664160293&jid=1829216805&_u=YAhAAUAAAAAAAC~&z=236142441
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670890927833525&correlator=3847107936865510&eid=31067825%2C31062930&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_adi_W2&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400%7C240x600%7C160x600&ifi=7&adks=2430813555&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D25bba7b959468ccb-2298297b2fce0067%3AT%3D1664160293%3ART%3D1664160293%3AS%3DALNI_Mb-xQC-VtWQeLOP5TsE9MKUFw_bIA&abxe=1&dt=1664160293521&lmt=1664160293&dlt=1664160292506&idt=953&adxs=14&adys=1577&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=240x-1&fws=640&ohw=0&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
254363665b84635f4cf8821036845b542e865e0c6bc9d49148d4af5ba293bd43
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COme1pm4sfoCFdeAewod5ZYKNw&gqi=&layout=/sadbundle/%24csp%253Der3%24/18249157524192948938/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COme1pm4sfoCFdeAewod5ZYKNw&gqi=&layout=/sadbundle/%24csp%253Der3%24/18249157524192948938/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44292
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 26 Sep 2022 02:44:54 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame CC16 		6 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 01:16:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 26 Sep 2022 02:44:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Sep 2022 02:44:53 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame CC16 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:34:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame CC16 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:23:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame CC16 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame CC16 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC16 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:53 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame CC16 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 09:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 10:37:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 09:53:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CC16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjFJVJRIxY_eAC-Gj9u8P8fyc8A_v3pbLbLzsqLW0ENGVr_6TDhABILCesgNgu4aAgNAKoAG-np6iKMgBCakCTPfOg6A3sj6oAwHIA8sEqgTgAU_QRmAHdfBNfebplpFvusVMglJJ5uVwnJQMkTECHFuRp2fGJlUPVwuMdkbZopP-m5yPdORaCEXuPxQgl0q5fEPfKhf7JQesAJZy_wK3uT3n557_J70eIpwSvZPMIcH_Ea75QDLQ7xKXyaQXCh6mCaUmrOUhO9vD4JDI9RNICjl0oRItXgguzFj97hJwgBLL5561UljhqDOEGcIdCfFgrDmGmzbx8-bOvf7e_UDP9iu9r_xoIdbllW_JrVxMQBocsUh2EtBWhUEu3JCmUjnhLdlKiNSMYk-VksW6SKL_-F1CwASV8o79ggSSBQQIBBgBkgUECAUYBKAGLoAHvtbugQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDJpwjSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItMjA2MjQ2MzAyMjU5MzQ4MhgA&sigh=zPej6sD1q08&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 26 Sep 2022 02:44:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Sep 2022 02:44:53 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/475065737907002928/ Frame CC16 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/475065737907002928/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a2b9f6ab766b454c356c10dd2c1f324db0c451345cd3f3c4f89a5a31dd96b20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33054
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 09:19:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Sep 2023 02:44:53 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15145432791649407865/ Frame CC16 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15145432791649407865/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4d290251f31c48cab112d3f3301aa2c9aba66a3d79172f3905ae59be9f781a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 02:42:32 GMT
x-content-type-options
nosniff
age
86541
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 09:18:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Sep 2023 02:42:32 GMT
truncated
/ Frame CC16 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-2062463022593482&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame 17EB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2179
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:08:34 GMT
etag
9671129459699598864
expires
Mon, 10 Oct 2022 02:08:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/ Frame 792F 		64 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/index.html
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63024f4a557c487a3bb914ff2bdeda17dac0d3e0903b979530ace833a1900633
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
363652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22695
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 21:44:01 GMT
expires
Thu, 21 Sep 2023 21:44:01 GMT
last-modified
Thu, 10 Dec 2020 08:33:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 17EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CB7SMJRIxY6D7CpW89u8PtuumkAOutMvFYMXD3P_kDP_1kOPXAhABILCesgNgu4aAgNAKoAHejoqFA8gBCakCTPfOg6A3sj6oAwHIA0iqBM0BT9BSdDP1Ccbmv-oFBwSgiQaLFLcEYpKcVyNcHu85Ggp7DRKKFXikXsFXHwhqrD3K2bpn3UHiSWuq3BrvUcJrtIxyy7jOx6rrklREVgksvRyL8cWKaTTjFkJu4GRL7tadxcj6OHcVCOQR7Ge0OIm16Ko_TBVY81_X5FOcUQKiasOdHU0fglJZh9eXg-lItz4OtDOSWA8iqAyyHc7s4nWPqFmjlwIJusqyJPXCf8g89cXreAaEXLAW_O4k5o9p235KAHfF3QApYV7fRIUn7sAEt-qwsK0DkgUECAQYAZIFBAgFGASgBi6AB4rx9XqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCG2wrSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAaIMCCoGCgT5nrEC2BMK0BUBgBcBshccChoIABIUcHViLTIwNjI0NjMwMjI1OTM0ODIYAA&sigh=4T6dpVNozEc&uach_m=[UACH]&template_id=419
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 26 Sep 2022 02:44:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 17EB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:23:05 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=251655650&t=event&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=subject&_u=aAjAAUABAAAAAC~&jid=276429341&gjid=1187594809&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&_r=1&gtm=2ou9l0&z=547248260
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame CC16 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d92425ed44d47cde4f2bcc71fb47333058cd0bfad42dc92724b93dd08291f6ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CC16 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 13:27:29 GMT
x-content-type-options
nosniff
age
220644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Sep 2023 13:27:29 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CC16 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:44:52 GMT
x-content-type-options
nosniff
age
554401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CC16 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:39:45 GMT
x-content-type-options
nosniff
age
554708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 16:39:45 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3670890927833525&correlator=3847107936865510&eid=31067825%2C31062930&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fif&iu_parts=121764058%3A22587791099%2Csubject.com.ua_am_co_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C750x100%7C728x90%7C750x200%7C750x300%7C580x400%7C360x300&ifi=9&adks=3734540612&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3D25bba7b959468ccb-2298297b2fce0067%3AT%3D1664160293%3ART%3D1664160293%3AS%3DALNI_Mb-xQC-VtWQeLOP5TsE9MKUFw_bIA&abxe=1&dt=1664160293792&lmt=1664160293&dlt=1664160292506&idt=953&adxs=636&adys=445&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsubject.com.ua%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=644&ohw=1086&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42035a062ae9274a8a44fc01be50f62e5ac5fc596570baa5404e312d4ba7c62a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11322
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 792F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48753
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 792F 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61713
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13218
x-xss-protection
0
server
cafe
etag
5545325275904357113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:36:20 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 792F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 02:44:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6BBD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:11:29 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 17EB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 17EB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
container.html
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8C1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Tue, 26 Sep 2023 02:44:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17EB 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:54 GMT
truncated
/ Frame 17EB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff687584d02225c12e6eeba4f8c41be712ae6d50e5050475ba90512ee4691d9b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6BBD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:54 GMT
expires
Mon, 26 Sep 2022 02:44:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 4A4F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2062463022593482&output=html&h=600&slotname=2231225757&adk=3129635753&adf=941345768&pi=t.ma~as.2231225757&w=252&fwrn=4&fwrnh=100&lmt=1664160293&rafmt=1&psa=0&format=252x600&url=https%3A%2F%2Fsubject.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664160292901&bpp=2&bdt=395&idt=182&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6039425552057&frm=20&pv=1&ga_vid=2035559868.1664160293&ga_sid=1664160293&ga_hid=251655650&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=957&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069778%2C31067825%2C31062930&oid=2&pvsid=3670890927833525&tmod=1781350794&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zn6dqrl8NN&p=https%3A//subject.com.ua&dtd=185
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E30B 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhiFiObTATAB&v=APEucNWtuRxNELgfKozIF5BQ3nvDkiZX48y6XQQgLOQkGecfOm7bzir-aGCznsB3suaQH2p3YdjuFs3eEjmdh0OiL3gLJHy2yfgcRVekpWNKjk1Fpyew2h7MSmEOy2C6oJi9UQ-qj9Q0d5DiViYkEhCtgVSmx6LJCqrlpiymw4R_nSQlLD5VYIKhi7YwXBvm6ToYumQ5TSyMRzpKf1Q06sfUgb5jluTcEg
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame E8C1 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp6CrsHd4tCN7LRbi1kTCES_AqfIMXBQdmMNmy45b9bS5m0I7nMzqIfxwgfaFNOeSGif213u7yIVA_DOj48g-Wo8el5xuLpx8PMhtkZq5qAdzVHMNQOqMdhIET1PFsbF30bpyQTQ7mlPAw-L67wjK6YwlJZOx-u_4W6oyTMF9W0yFqZF8&dbm_d=AKAmf-BRIMM1CMFCAa42h4D32YcM-vHGC2JkzZXprT340j28aOogJlb7D64xuHaCnwYMyh5egWXPQnaaA68OLy0PfXJFBpgojzNFE5-59K5xGNNs-sUr2E7bWRQdwAf1BsA7xDGHd4TLq9H3wjPJhoWXhZE6grwbUl7hoQw3RCRijvucV__CUDfrqbTy6p7BEnLNywTxQRxGEWrMkCNwQILr24eZSRvd1B9B1CHWMFw56YcL_xMRDHYBERZv6sQK07FRkcJBP25YAtNm5YVrN7cZIjpwbnV6gwlQbOjVIaZ3ve_XX0EcJV4u8hnSVAMT2-tMNapCqC8rFq0vIYRttvu0RNHUw6vBhgJtIjvE7gtJ_sXnLxevzmSFKXeypBJGbVw8bYhyOQPG9VCokzPthOHxO9_HS_r1dF0Hch1mFy-yndaG0LbMt9eOOZdiDSvKFr5E8TIh6ETIZsaPEDCkcYt2z8EMJvkJiACeUno8_cjkTpL1Bu1k8F2W6pmQqGkYlqa_IrjmR42-V7L1SzCAML7wQKyp-c9cY7fyWHpGqF3h1sudak_IuyxDzqCpkrtGLlaSU0UNxq7kpAKf3unamZBZe7w5K4KaFsqk-RYLXVs6Ybzq0Hkan6so32SEWGZfR3Rf6mprFXoOvlLMIletyeMpWjsssYxmUFFTmKt8pJKHtclRGC6L7gMVUdaNSuRLKjajAkiM3gdL6orjsew-gzwnqPe3QaNA2qiRE64D2FZctO99tOvRsxgxaaZtgjwA8FzklQwCXwlCCtqd7nCgfBn14HQYY6-bp7uiw7sbPwkVoKdagFU8VSKMqkNUI3zSwa-F3ZuOemezZvu2gBGJreRKDf-fj5a9jMZDvEezK3lvpxnHHeqxYN9kiyRSDNHr4uvHsmodBOklCu22I-O60Ub7Pt-VrjpRKTOwWv2MCl-1GggqWnxKtk7tdcy4lfkRa70sZa3EcJH36z0wzNa7HUSVgqn4IKJ06biWfUHi5jkzrP-Dv0ubn7AmvgMvqKr7Q3vo6Xk3nXaCwAA6lfgpTxjW2asXafyBAJ-YvwDIqXI1_Z3EwMblvCzv8iZS6s5yr4dOu8r91FQBmECU7mZIfom8xSPjQdDxiZGrXkg__Wf7UUI0M5TLG0Dvf44s_rLR5T6zl7SJ4J8aYd4jqF-wahs7zjHYNTceV0AgS4YBtMUz6DfI8a1fT_7tdOugv18GO99E6YWxZJM45M6-ven8kfg1Rm5RwQd0n3HAZ9FpP2aGcEj4sv4vlfkCWTWXSMDDiMEthizvvW7IK6-rY-u-yd9EkVZEOcyGejzTTM21DImXXmUN066iFrAixCkaavXdXNEr0xBvDZLjME2ZjFn7Un1c3bRlIzZOLbHMlRwxYpH3_14RudaECXk_yB8f6UEVOuEdM3sOozMuU21wBislnYE1mMud6bOE13z9qcjjPPZWSp9qohXjOzwUjS4hp_5R3yppRmQkvAJb3_5-Vek-g1YUkZ5IETV7X8KMfLAQv2P__rpdBrdKUiDqYIxogo40zXvoeXho2JNiTlQE9D2uYh_qjMZzjXw7UyUS7QIgB5CLzWiw9A0ZXsucwnNP7l-88hqX4Hn0hgE9v0rWOSAiCIY_e5irbTYBa98dfukK1eqVUe5NdHcWb5O9rafNQvZ_THTuREbwHgVVBtvZ-FpEqbypSryYY03kFGu7Hgas6ZYQHCMvSW3DoI1I1pAF3r_IVUQbZssTSNxrufE4iNjj0PVDLw2X4h3fMlnanHpKA9nRubYBEXy2SzperHk9MCeZv4T6F5kN42cM1WN4bIaTH8TUkwNrz21LjTicC8vKxcvu9xYA7avCLS3UWoGUC9tMlc1VaDtMg4crVXKOX8fnjgckKIugyN9Mf06uH_z14JrHv4n1OrUKkqx4YPi2O0MGF29pRb5MrPEiilH2PMmdBAxL1mKoXjYrtDE_fVzOtcKUhOPwrGAp2Bby6PLB9G-CHxIGMFaSviXpD-r6QELpxm-pSN1tJUViRwC0Oobx2wibsulsbgByqpTCcTCd0r3v0Cq-VM7uo1VdmtP0B_Td8BQzFReJNecvrKObBZyK1-6qTn8K-HJo6vYRqNf-vmBOGPpjTQIpZtaZqCmH5rPQmJVZsG9vJQaCryIFKS-3vO5IF3DdxtgMacLsBPvydVmC4RzS9g9lzPlUyvb5awMDg_iCrumaM5q3vjmtHl-r2Eu1WIaxhCo4VDDrIzgKoUrWofcFHRVipEggk8xgnRy5euX5WIpStIVRWydZ1wOHX19Dvm-2KwRyrUESMEqZFZyQ8U1n8P2Ym5yzQJC9u3yJCTzZo38fYhRwkcX3O54z23pqjgb-9Z0pu5xbKiBUI_EuIYHLLVB56ZwhfOEz6xSj-gMx7a3c3RPlRD7p50a5j4Sd7PjZCvenQIvBgVRHpuXiBip4Tzo2JwRbDSBziJZnGcA0OErMwWsSTTB-f0pB14qgOKLV0FiOOb37YdTuiAvJIoJiGCjungeI41wuPczhAY0EMKQ0YdJwh90yktwmJsaA5EfPWTiRyQCkBVK4UruzXBT_QkQ0sWKCHXsXLEngigKy1P-KAsvwm93dgBqfmB6NNudLvXUbLOZjIQA-yH06RoPjM4F7CFuDKjF6_s1L0szFol-zapZBPXrxveEJgHiCS7RdIS9h9ei0KWAp3dPcvPQ59EEeR7g5-HkSdSVPL1-pg8Z22G3Cki-uugzN-B6Iver9b8gEoWuSdAW5zBaTvx6AKsreb5Y9zHxG08Jn_D_jm36HnqXDdUUPix5cXBn8XoeEDzopJk1XwpAc0IEcvNJcmwgRzBLVINogucSZb_7fRUmztmHzKaug86LEi-06pltWzIBG-WnOwqfWaYqUmV3q3uA_vxD4uRZ9pMHbAwfHfQzgycSdkiIltoIff1v5vh-v7qaFmWqhhA7qpvDfcxFuaXjYW_t_wmyx8DwKGuZISmJv0JwnKo6HHPtFQfVDD3v_YHlKoOB9AbuuN5kPbjeaP5keUvwNWvcslwB6MPKmHXtpqz-Tq156oiB436z2lp3FkAEF8-rHPhebd71NmmijBmyzg8RhHf5eiRFBmSI1e4pDMH0Nx51vldJwXddlV9K3SnrXfqNi4F3FrD-fpGPiB5RdWu6FhKwP0lsXwyob8myYdMig3AL_CvK86CtX4M_oRHOOzUxJZ6STqzc8FpWms2f1HfnYZ-o0dE4ZJV3tVdJalRwkMKhZAipNFjL-I95p808E8LSLXyugU8cpB4yZsBD7S3ITU4uRx4CNglP4nUGQKJAzpDvt1Zr6M1j_knIlL0I6JCP1PBBwsLKvPdGQlcFsdEQpZ3I7yyPa0U-hLnxjW-gr7Y0q2_2LxZqfjzHpJ1fnNHxp38Uf34FGSs2IO2cW59DZlFOHKN4r9b-0W-EnA2KVuQ&cid=CAASJORo3g0waLppKuWwIld0OOQkpwFkvSpXi-CRc_kR-Pw6CCmldQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e632540fde4d5e1a88a0d6466dc76f211b2f2424ef4ae1815a6283986aa12809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35447
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8C1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_XGELjRNjMPAjuoeH7iQqAAnsC2p9xuplxv5VSW2mcfVyy-Ga0ZbDuH8S7qIXwH8OIKrGFW0K5sxpeEpL0FdSxynT6rSFUEX6lq_-ejfIH1bMXis
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame E8C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame E8C1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
l
www.google.com/ads/measurement/ Frame E8C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe_7KjV-7bPw310Snn9K2w8d4Pcb_GAsaOQ15zFf0xFb11dF5HzKdM7flN0uMRhQMe7U1iO9S4PjGlPMK0cYNEWQKcoA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E8C1 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:54 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 792F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 27 Sep 2022 02:44:54 GMT
allowed_url.php
targeting.vdo.ai/ 		19 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.vdo.ai/allowed_url.php?type=json&url=subject.com.ua%2F&tag=subject&domain=subject.com.ua
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b9d138531024f707498168fe4f1cdaada235d29450f73b35beaff46fc24785

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlHes65bmYVKh2F2pcTowAAbuY5ZEun7qWcniu9z%2BvWCk1lGJQ4nEQvfmguKfY1qNBriyAu%2FZaT%2BpsCTDyd839gbQNiHsVGS7ILmmHjjGOU8JmAf2Qk6rLu22W6fV%2BkVLY1d"}],"group":"cf-nel","max_age":604800}
cf-ray
7508a9112bad74a9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rum
dsum-sec.casalemedia.com/ Frame E30B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDJTdsg0lzv6LM0053132g&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDJTdsg0lzv6LM0053132g&google_cver=1&C=1
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDJTdsg0lzv6LM0053132g&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhiFiObTATAB&v=APEucNWtuRxNELgfKozIF5BQ3nvDkiZX48y6XQQgLOQkGecfOm7bzir-aGCznsB3suaQH2p3YdjuFs3eEjmdh0OiL3gLJHy2yfgcRVekpWNKjk1Fpyew2h7MSmEOy2C6oJi9UQ-qj9Q0d5DiViYkEhCtgVSmx6LJCqrlpiymw4R_nSQlLD5VYIKhi7YwXBvm6ToYumQ5TSyMRzpKf1Q06sfUgb5jluTcEg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9104aae4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyUk8CS3hRL9w3EStNZWv8Cj5aYn2x9AimL1y7%2B90xVWYh5upNgRXsYSsWdBnd9dJOj02sNQNj0r%2BP%2B5R3Jjozq9WYvjbkT%2BYY%2F01tZRKkHm8LVYZ5KMwxFwjBJROX2IpDxUG3pRJ%2BZL2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcnJ3fOLFIQbcbcrUn4mTqD6RN1JyNlshaHISPRrZtDtbP7LI0Tnq8omQCZi1gtrBmzeMWZikGNN8FyaoVYY6J1%2BEToqxzYVVpf504%2BcfQcq69c2uwjqzZC2EqZNGG9pyc%2F0yPCvHkjqsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEJDJTdsg0lzv6LM0053132g&google_cver=1&C=1
cache-control
no-cache
cf-ray
7508a90fb8107738-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame E30B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzESJp1EEpzspvY4fjBjuQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyNo8wuEwiTAd4SdGlrusg&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyNo8wuEwiTAd4SdGlrusg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhiFiObTATAB&v=APEucNWtuRxNELgfKozIF5BQ3nvDkiZX48y6XQQgLOQkGecfOm7bzir-aGCznsB3suaQH2p3YdjuFs3eEjmdh0OiL3gLJHy2yfgcRVekpWNKjk1Fpyew2h7MSmEOy2C6oJi9UQ-qj9Q0d5DiViYkEhCtgVSmx6LJCqrlpiymw4R_nSQlLD5VYIKhi7YwXBvm6ToYumQ5TSyMRzpKf1Q06sfUgb5jluTcEg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9112b0a4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwlNrF0Ptyci85IJBgi4JoQxiS0mMRFVafMvi%2FPLQneBgKewpdZ7ISCK5GokbOL38dnVk3c2LMQEBtPG06Wou1ZkCHqkkXrKiMHcDwhWMhhFhV0xIMqRaSl2H%2BDEehnB5ZBYZdqzRjMcLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyNo8wuEwiTAd4SdGlrusg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E30B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBsV8mwQcxB_wkwiEdaxH80&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBsV8mwQcxB_wkwiEdaxH80&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhiFiObTATAB&v=APEucNWtuRxNELgfKozIF5BQ3nvDkiZX48y6XQQgLOQkGecfOm7bzir-aGCznsB3suaQH2p3YdjuFs3eEjmdh0OiL3gLJHy2yfgcRVekpWNKjk1Fpyew2h7MSmEOy2C6oJi9UQ-qj9Q0d5DiViYkEhCtgVSmx6LJCqrlpiymw4R_nSQlLD5VYIKhi7YwXBvm6ToYumQ5TSyMRzpKf1Q06sfUgb5jluTcEg
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:54 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
90422d07-a7c6-4b4b-9394-06ab986b21a2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBsV8mwQcxB_wkwiEdaxH80&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E30B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCj-8KCAhiFiObTATAB&v=APEucNWtuRxNELgfKozIF5BQ3nvDkiZX48y6XQQgLOQkGecfOm7bzir-aGCznsB3suaQH2p3YdjuFs3eEjmdh0OiL3gLJHy2yfgcRVekpWNKjk1Fpyew2h7MSmEOy2C6oJi9UQ-qj9Q0d5DiViYkEhCtgVSmx6LJCqrlpiymw4R_nSQlLD5VYIKhi7YwXBvm6ToYumQ5TSyMRzpKf1Q06sfUgb5jluTcEg
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:54 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
16955652-f9bf-4805-9b17-536216d8abf7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC2B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Tue, 26 Sep 2023 02:44:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=pageview&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=1972925158
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78021
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E8C1 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Origin
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 15:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 15:19:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame E8C1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp6CrsHd4tCN7LRbi1kTCES_AqfIMXBQdmMNmy45b9bS5m0I7nMzqIfxwgfaFNOeSGif213u7yIVA_DOj48g-Wo8el5xuLpx8PMhtkZq5qAdzVHMNQOqMdhIET1PFsbF30bpyQTQ7mlPAw-L67wjK6YwlJZOx-u_4W6oyTMF9W0yFqZF8&dbm_d=AKAmf-BRIMM1CMFCAa42h4D32YcM-vHGC2JkzZXprT340j28aOogJlb7D64xuHaCnwYMyh5egWXPQnaaA68OLy0PfXJFBpgojzNFE5-59K5xGNNs-sUr2E7bWRQdwAf1BsA7xDGHd4TLq9H3wjPJhoWXhZE6grwbUl7hoQw3RCRijvucV__CUDfrqbTy6p7BEnLNywTxQRxGEWrMkCNwQILr24eZSRvd1B9B1CHWMFw56YcL_xMRDHYBERZv6sQK07FRkcJBP25YAtNm5YVrN7cZIjpwbnV6gwlQbOjVIaZ3ve_XX0EcJV4u8hnSVAMT2-tMNapCqC8rFq0vIYRttvu0RNHUw6vBhgJtIjvE7gtJ_sXnLxevzmSFKXeypBJGbVw8bYhyOQPG9VCokzPthOHxO9_HS_r1dF0Hch1mFy-yndaG0LbMt9eOOZdiDSvKFr5E8TIh6ETIZsaPEDCkcYt2z8EMJvkJiACeUno8_cjkTpL1Bu1k8F2W6pmQqGkYlqa_IrjmR42-V7L1SzCAML7wQKyp-c9cY7fyWHpGqF3h1sudak_IuyxDzqCpkrtGLlaSU0UNxq7kpAKf3unamZBZe7w5K4KaFsqk-RYLXVs6Ybzq0Hkan6so32SEWGZfR3Rf6mprFXoOvlLMIletyeMpWjsssYxmUFFTmKt8pJKHtclRGC6L7gMVUdaNSuRLKjajAkiM3gdL6orjsew-gzwnqPe3QaNA2qiRE64D2FZctO99tOvRsxgxaaZtgjwA8FzklQwCXwlCCtqd7nCgfBn14HQYY6-bp7uiw7sbPwkVoKdagFU8VSKMqkNUI3zSwa-F3ZuOemezZvu2gBGJreRKDf-fj5a9jMZDvEezK3lvpxnHHeqxYN9kiyRSDNHr4uvHsmodBOklCu22I-O60Ub7Pt-VrjpRKTOwWv2MCl-1GggqWnxKtk7tdcy4lfkRa70sZa3EcJH36z0wzNa7HUSVgqn4IKJ06biWfUHi5jkzrP-Dv0ubn7AmvgMvqKr7Q3vo6Xk3nXaCwAA6lfgpTxjW2asXafyBAJ-YvwDIqXI1_Z3EwMblvCzv8iZS6s5yr4dOu8r91FQBmECU7mZIfom8xSPjQdDxiZGrXkg__Wf7UUI0M5TLG0Dvf44s_rLR5T6zl7SJ4J8aYd4jqF-wahs7zjHYNTceV0AgS4YBtMUz6DfI8a1fT_7tdOugv18GO99E6YWxZJM45M6-ven8kfg1Rm5RwQd0n3HAZ9FpP2aGcEj4sv4vlfkCWTWXSMDDiMEthizvvW7IK6-rY-u-yd9EkVZEOcyGejzTTM21DImXXmUN066iFrAixCkaavXdXNEr0xBvDZLjME2ZjFn7Un1c3bRlIzZOLbHMlRwxYpH3_14RudaECXk_yB8f6UEVOuEdM3sOozMuU21wBislnYE1mMud6bOE13z9qcjjPPZWSp9qohXjOzwUjS4hp_5R3yppRmQkvAJb3_5-Vek-g1YUkZ5IETV7X8KMfLAQv2P__rpdBrdKUiDqYIxogo40zXvoeXho2JNiTlQE9D2uYh_qjMZzjXw7UyUS7QIgB5CLzWiw9A0ZXsucwnNP7l-88hqX4Hn0hgE9v0rWOSAiCIY_e5irbTYBa98dfukK1eqVUe5NdHcWb5O9rafNQvZ_THTuREbwHgVVBtvZ-FpEqbypSryYY03kFGu7Hgas6ZYQHCMvSW3DoI1I1pAF3r_IVUQbZssTSNxrufE4iNjj0PVDLw2X4h3fMlnanHpKA9nRubYBEXy2SzperHk9MCeZv4T6F5kN42cM1WN4bIaTH8TUkwNrz21LjTicC8vKxcvu9xYA7avCLS3UWoGUC9tMlc1VaDtMg4crVXKOX8fnjgckKIugyN9Mf06uH_z14JrHv4n1OrUKkqx4YPi2O0MGF29pRb5MrPEiilH2PMmdBAxL1mKoXjYrtDE_fVzOtcKUhOPwrGAp2Bby6PLB9G-CHxIGMFaSviXpD-r6QELpxm-pSN1tJUViRwC0Oobx2wibsulsbgByqpTCcTCd0r3v0Cq-VM7uo1VdmtP0B_Td8BQzFReJNecvrKObBZyK1-6qTn8K-HJo6vYRqNf-vmBOGPpjTQIpZtaZqCmH5rPQmJVZsG9vJQaCryIFKS-3vO5IF3DdxtgMacLsBPvydVmC4RzS9g9lzPlUyvb5awMDg_iCrumaM5q3vjmtHl-r2Eu1WIaxhCo4VDDrIzgKoUrWofcFHRVipEggk8xgnRy5euX5WIpStIVRWydZ1wOHX19Dvm-2KwRyrUESMEqZFZyQ8U1n8P2Ym5yzQJC9u3yJCTzZo38fYhRwkcX3O54z23pqjgb-9Z0pu5xbKiBUI_EuIYHLLVB56ZwhfOEz6xSj-gMx7a3c3RPlRD7p50a5j4Sd7PjZCvenQIvBgVRHpuXiBip4Tzo2JwRbDSBziJZnGcA0OErMwWsSTTB-f0pB14qgOKLV0FiOOb37YdTuiAvJIoJiGCjungeI41wuPczhAY0EMKQ0YdJwh90yktwmJsaA5EfPWTiRyQCkBVK4UruzXBT_QkQ0sWKCHXsXLEngigKy1P-KAsvwm93dgBqfmB6NNudLvXUbLOZjIQA-yH06RoPjM4F7CFuDKjF6_s1L0szFol-zapZBPXrxveEJgHiCS7RdIS9h9ei0KWAp3dPcvPQ59EEeR7g5-HkSdSVPL1-pg8Z22G3Cki-uugzN-B6Iver9b8gEoWuSdAW5zBaTvx6AKsreb5Y9zHxG08Jn_D_jm36HnqXDdUUPix5cXBn8XoeEDzopJk1XwpAc0IEcvNJcmwgRzBLVINogucSZb_7fRUmztmHzKaug86LEi-06pltWzIBG-WnOwqfWaYqUmV3q3uA_vxD4uRZ9pMHbAwfHfQzgycSdkiIltoIff1v5vh-v7qaFmWqhhA7qpvDfcxFuaXjYW_t_wmyx8DwKGuZISmJv0JwnKo6HHPtFQfVDD3v_YHlKoOB9AbuuN5kPbjeaP5keUvwNWvcslwB6MPKmHXtpqz-Tq156oiB436z2lp3FkAEF8-rHPhebd71NmmijBmyzg8RhHf5eiRFBmSI1e4pDMH0Nx51vldJwXddlV9K3SnrXfqNi4F3FrD-fpGPiB5RdWu6FhKwP0lsXwyob8myYdMig3AL_CvK86CtX4M_oRHOOzUxJZ6STqzc8FpWms2f1HfnYZ-o0dE4ZJV3tVdJalRwkMKhZAipNFjL-I95p808E8LSLXyugU8cpB4yZsBD7S3ITU4uRx4CNglP4nUGQKJAzpDvt1Zr6M1j_knIlL0I6JCP1PBBwsLKvPdGQlcFsdEQpZ3I7yyPa0U-hLnxjW-gr7Y0q2_2LxZqfjzHpJ1fnNHxp38Uf34FGSs2IO2cW59DZlFOHKN4r9b-0W-EnA2KVuQ&cid=CAASJORo3g0waLppKuWwIld0OOQkpwFkvSpXi-CRc_kR-Pw6CCmldQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:41:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame E8C1 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp6CrsHd4tCN7LRbi1kTCES_AqfIMXBQdmMNmy45b9bS5m0I7nMzqIfxwgfaFNOeSGif213u7yIVA_DOj48g-Wo8el5xuLpx8PMhtkZq5qAdzVHMNQOqMdhIET1PFsbF30bpyQTQ7mlPAw-L67wjK6YwlJZOx-u_4W6oyTMF9W0yFqZF8&dbm_d=AKAmf-BRIMM1CMFCAa42h4D32YcM-vHGC2JkzZXprT340j28aOogJlb7D64xuHaCnwYMyh5egWXPQnaaA68OLy0PfXJFBpgojzNFE5-59K5xGNNs-sUr2E7bWRQdwAf1BsA7xDGHd4TLq9H3wjPJhoWXhZE6grwbUl7hoQw3RCRijvucV__CUDfrqbTy6p7BEnLNywTxQRxGEWrMkCNwQILr24eZSRvd1B9B1CHWMFw56YcL_xMRDHYBERZv6sQK07FRkcJBP25YAtNm5YVrN7cZIjpwbnV6gwlQbOjVIaZ3ve_XX0EcJV4u8hnSVAMT2-tMNapCqC8rFq0vIYRttvu0RNHUw6vBhgJtIjvE7gtJ_sXnLxevzmSFKXeypBJGbVw8bYhyOQPG9VCokzPthOHxO9_HS_r1dF0Hch1mFy-yndaG0LbMt9eOOZdiDSvKFr5E8TIh6ETIZsaPEDCkcYt2z8EMJvkJiACeUno8_cjkTpL1Bu1k8F2W6pmQqGkYlqa_IrjmR42-V7L1SzCAML7wQKyp-c9cY7fyWHpGqF3h1sudak_IuyxDzqCpkrtGLlaSU0UNxq7kpAKf3unamZBZe7w5K4KaFsqk-RYLXVs6Ybzq0Hkan6so32SEWGZfR3Rf6mprFXoOvlLMIletyeMpWjsssYxmUFFTmKt8pJKHtclRGC6L7gMVUdaNSuRLKjajAkiM3gdL6orjsew-gzwnqPe3QaNA2qiRE64D2FZctO99tOvRsxgxaaZtgjwA8FzklQwCXwlCCtqd7nCgfBn14HQYY6-bp7uiw7sbPwkVoKdagFU8VSKMqkNUI3zSwa-F3ZuOemezZvu2gBGJreRKDf-fj5a9jMZDvEezK3lvpxnHHeqxYN9kiyRSDNHr4uvHsmodBOklCu22I-O60Ub7Pt-VrjpRKTOwWv2MCl-1GggqWnxKtk7tdcy4lfkRa70sZa3EcJH36z0wzNa7HUSVgqn4IKJ06biWfUHi5jkzrP-Dv0ubn7AmvgMvqKr7Q3vo6Xk3nXaCwAA6lfgpTxjW2asXafyBAJ-YvwDIqXI1_Z3EwMblvCzv8iZS6s5yr4dOu8r91FQBmECU7mZIfom8xSPjQdDxiZGrXkg__Wf7UUI0M5TLG0Dvf44s_rLR5T6zl7SJ4J8aYd4jqF-wahs7zjHYNTceV0AgS4YBtMUz6DfI8a1fT_7tdOugv18GO99E6YWxZJM45M6-ven8kfg1Rm5RwQd0n3HAZ9FpP2aGcEj4sv4vlfkCWTWXSMDDiMEthizvvW7IK6-rY-u-yd9EkVZEOcyGejzTTM21DImXXmUN066iFrAixCkaavXdXNEr0xBvDZLjME2ZjFn7Un1c3bRlIzZOLbHMlRwxYpH3_14RudaECXk_yB8f6UEVOuEdM3sOozMuU21wBislnYE1mMud6bOE13z9qcjjPPZWSp9qohXjOzwUjS4hp_5R3yppRmQkvAJb3_5-Vek-g1YUkZ5IETV7X8KMfLAQv2P__rpdBrdKUiDqYIxogo40zXvoeXho2JNiTlQE9D2uYh_qjMZzjXw7UyUS7QIgB5CLzWiw9A0ZXsucwnNP7l-88hqX4Hn0hgE9v0rWOSAiCIY_e5irbTYBa98dfukK1eqVUe5NdHcWb5O9rafNQvZ_THTuREbwHgVVBtvZ-FpEqbypSryYY03kFGu7Hgas6ZYQHCMvSW3DoI1I1pAF3r_IVUQbZssTSNxrufE4iNjj0PVDLw2X4h3fMlnanHpKA9nRubYBEXy2SzperHk9MCeZv4T6F5kN42cM1WN4bIaTH8TUkwNrz21LjTicC8vKxcvu9xYA7avCLS3UWoGUC9tMlc1VaDtMg4crVXKOX8fnjgckKIugyN9Mf06uH_z14JrHv4n1OrUKkqx4YPi2O0MGF29pRb5MrPEiilH2PMmdBAxL1mKoXjYrtDE_fVzOtcKUhOPwrGAp2Bby6PLB9G-CHxIGMFaSviXpD-r6QELpxm-pSN1tJUViRwC0Oobx2wibsulsbgByqpTCcTCd0r3v0Cq-VM7uo1VdmtP0B_Td8BQzFReJNecvrKObBZyK1-6qTn8K-HJo6vYRqNf-vmBOGPpjTQIpZtaZqCmH5rPQmJVZsG9vJQaCryIFKS-3vO5IF3DdxtgMacLsBPvydVmC4RzS9g9lzPlUyvb5awMDg_iCrumaM5q3vjmtHl-r2Eu1WIaxhCo4VDDrIzgKoUrWofcFHRVipEggk8xgnRy5euX5WIpStIVRWydZ1wOHX19Dvm-2KwRyrUESMEqZFZyQ8U1n8P2Ym5yzQJC9u3yJCTzZo38fYhRwkcX3O54z23pqjgb-9Z0pu5xbKiBUI_EuIYHLLVB56ZwhfOEz6xSj-gMx7a3c3RPlRD7p50a5j4Sd7PjZCvenQIvBgVRHpuXiBip4Tzo2JwRbDSBziJZnGcA0OErMwWsSTTB-f0pB14qgOKLV0FiOOb37YdTuiAvJIoJiGCjungeI41wuPczhAY0EMKQ0YdJwh90yktwmJsaA5EfPWTiRyQCkBVK4UruzXBT_QkQ0sWKCHXsXLEngigKy1P-KAsvwm93dgBqfmB6NNudLvXUbLOZjIQA-yH06RoPjM4F7CFuDKjF6_s1L0szFol-zapZBPXrxveEJgHiCS7RdIS9h9ei0KWAp3dPcvPQ59EEeR7g5-HkSdSVPL1-pg8Z22G3Cki-uugzN-B6Iver9b8gEoWuSdAW5zBaTvx6AKsreb5Y9zHxG08Jn_D_jm36HnqXDdUUPix5cXBn8XoeEDzopJk1XwpAc0IEcvNJcmwgRzBLVINogucSZb_7fRUmztmHzKaug86LEi-06pltWzIBG-WnOwqfWaYqUmV3q3uA_vxD4uRZ9pMHbAwfHfQzgycSdkiIltoIff1v5vh-v7qaFmWqhhA7qpvDfcxFuaXjYW_t_wmyx8DwKGuZISmJv0JwnKo6HHPtFQfVDD3v_YHlKoOB9AbuuN5kPbjeaP5keUvwNWvcslwB6MPKmHXtpqz-Tq156oiB436z2lp3FkAEF8-rHPhebd71NmmijBmyzg8RhHf5eiRFBmSI1e4pDMH0Nx51vldJwXddlV9K3SnrXfqNi4F3FrD-fpGPiB5RdWu6FhKwP0lsXwyob8myYdMig3AL_CvK86CtX4M_oRHOOzUxJZ6STqzc8FpWms2f1HfnYZ-o0dE4ZJV3tVdJalRwkMKhZAipNFjL-I95p808E8LSLXyugU8cpB4yZsBD7S3ITU4uRx4CNglP4nUGQKJAzpDvt1Zr6M1j_knIlL0I6JCP1PBBwsLKvPdGQlcFsdEQpZ3I7yyPa0U-hLnxjW-gr7Y0q2_2LxZqfjzHpJ1fnNHxp38Uf34FGSs2IO2cW59DZlFOHKN4r9b-0W-EnA2KVuQ&cid=CAASJORo3g0waLppKuWwIld0OOQkpwFkvSpXi-CRc_kR-Pw6CCmldQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:37:28 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/ Frame 7542 		66 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6530d068bdececb91f453d3db60077ece7babf74be302b37a129de7f6389bc3b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
234769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23268
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 09:32:05 GMT
expires
Sat, 23 Sep 2023 09:32:05 GMT
last-modified
Thu, 10 Dec 2020 08:33:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame CC2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaGwkJRIxY_rNMtaCgQf43oGQC660y8VgtcXc_-QMwI23ARABIKqAwyJgu4aAgNAKoAHejoqFA8gBCakCTPfOg6A3sj7gAgCoAwHIA0iqBO0BT9C-es0_llCn7b2li654h-Axen_3CfxxSsiKy8xCoMb-Zgxh01HFqPkX6wfdYyeMa85FYNSM3khwbDcBy8tYz7uah2M2_ufa0MnUibhNGUvFZ0uhnr84wJ6IBAgDjyC0PcqCwmSpOuwzexMKZMVtqd5uE-B1qwvmcfyrLNggw7Jf7GcHRUXhqvUYptYxIXQu66jSlpMDyR6WjH-t3M3umzD9Z4KTQJcVH878kvYJXqFrUiMGMMBTTGsu21qPVE4OnoDxbYhARF0kki9QbNshvyjute02O7zcXGNIsEGJtn1bYRjvEfiphcIlbackwAS36rCwrQPgBAGSBQQIBBgBkgUECAUYBKAGLoAHivH1eqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEICOBdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi05MTkyMjIxNzc2MDk1MjIzgAoDyAsBogwIKgYKBM-nsQLYEwrQFQGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=l4pPHalJ5Cg&uach_m=[UACH]&template_id=419
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame CC2B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:23:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E8C1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2BD5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
55419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 11:21:15 GMT
etag
48472445140208031
expires
Mon, 26 Sep 2022 11:21:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E8C1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
492decf58dbf468199bd31b293adcc16168db5ae8eaa410069af768cafde1900

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7542 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7542 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13218
x-xss-protection
0
server
cafe
etag
5545325275904357113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:36:20 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7542 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5605097281663783594/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 02:44:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2687 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:11:29 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame CC2B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame CC2B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
dpixel
cms.quantserve.com/ Frame 2BD5 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC2RoGXuuCkWFxuoElFGLSo&google_cver=1&google_push=AZmPxg-gQcKqHVFDQIwhitITZpR8xT--7NMn0ex8Ku8sbFVuP0Tf4XWi1sUkG-DCamhuHzWGQ4W1xJcbPh3XX1-8ZV_WfV1LW3z9iQ
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 2BD5 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMmRCQLsoNUk5vg3BZLI9xo&google_cver=1&google_push=AZmPxg9I8fqqOMVCVm8Vdwn2APDV1LI4jcTfeMtT_yyBXPbGd_V3FUYYvZKa4UkeM_ij6U29Z7CSUT_FZl9c0oq1aaAeIbhFEJi_Bg
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664160294.446566,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-lcy19247-LCY
pixel
cm.g.doubleclick.net/ Frame 2BD5
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAOwCGF7WoS7h70KPQLBWT0&google_cver=1&google_push=AZmPxg_QWcN3ZkSbjRTbvtbwy6JWo3eLW-FAKEMZNmqnUjS5cMQS7IANnhkIyqZY1iXO9yO2RxZFX...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_QWcN3ZkSbjRTbvtbwy6JWo3eLW-FAKEMZNmqnUjS5cMQS7IANnhkIyqZY1iXO9yO2RxZFXqMN2Buz6Jvwyo2lC7pKFnr_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_QWcN3ZkSbjRTbvtbwy6JWo3eLW-FAKEMZNmqnUjS5cMQS7IANnhkIyqZY1iXO9yO2RxZFXqMN2Buz6Jvwyo2lC7pKFnr_
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Sep 2022 02:44:54 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 722C391295874BC3B8236E34C4284AA2 Ref B: LTSEDGE1120 Ref C: 2022-09-26T02:44:54Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_QWcN3ZkSbjRTbvtbwy6JWo3eLW-FAKEMZNmqnUjS5cMQS7IANnhkIyqZY1iXO9yO2RxZFXqMN2Buz6Jvwyo2lC7pKFnr_
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXpi4Mz42bYtw2ftPC1fQ==
pixel
cm.g.doubleclick.net/ Frame 2BD5
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENmR2cAqhv31p7g9KVeNz8k&google_cver=1&google_push=AZmPxg-JNfrjTRnjvQ89VSyJXbsFwlsN8ct-nc7oGoeQ9ZjUol9tWj48-3MdAarHb8h66uQOkLLe-OvTVWD...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg-JNfrjTRnjvQ89VSyJXbsFwlsN8ct-nc7oGoeQ9ZjUol9tWj48-3MdAarHb8h66uQOkLLe-OvTVWDelKvMch66ZMS9X8Tu&google_hm=ebbFj_tVSWClo9LOt85vCmk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg-JNfrjTRnjvQ89VSyJXbsFwlsN8ct-nc7oGoeQ9ZjUol9tWj48-3MdAarHb8h66uQOkLLe-OvTVWDelKvMch66ZMS9X8Tu&google_hm=ebbFj_tVSWClo9LOt85vCmk
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg-JNfrjTRnjvQ89VSyJXbsFwlsN8ct-nc7oGoeQ9ZjUol9tWj48-3MdAarHb8h66uQOkLLe-OvTVWDelKvMch66ZMS9X8Tu&google_hm=ebbFj_tVSWClo9LOt85vCmk
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2BD5
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEOg2subNiJCagvZZMa1hRwY&google_cver=1&google_push=AZmPxg-3EA4mlHT29kWF1eiWC91-QLE_49nE2XcyJf85J5nsbR_e25zzoh3QPu9WbZTrU4FDR1JHuryBMdUkWTEl67Q0pRvy-eFx
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qjc5MkQzMzBDRjNFMUFFOA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qjc5MkQzMzBDRjNFMUFFOA==
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Qjc5MkQzMzBDRjNFMUFFOA==
date
Mon, 26 Sep 2022 02:44:54 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 2BD5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFj715093N2zNR9_eW11iCU&google_cver=1&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34Ea...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFj715093N2zNR9_eW11iCU&google_cver=1&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGz...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34EaG9i8NHmS0Q&google_hm=4GYj3gzHQIueJPCsbHgYLA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34EaG9i8NHmS0Q&google_hm=4GYj3gzHQIueJPCsbHgYLA==
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34EaG9i8NHmS0Q&google_hm=4GYj3gzHQIueJPCsbHgYLA==
Date
Mon, 26 Sep 2022 02:44:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2BD5
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEH2HTbImuvpuANoUIEoDNOE&google_cver=1&google_push=AZmPxg80LGjavycOxymGREZKh4Hksy-s4vWJ9USOxOFa7c9H5VK_D36cZzwEgP3Rbyfarl8ja78nU1zOmRPQgsP0jD3Ac7k0sf9o
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg80LGjavycOxymGREZKh4Hksy-s4vWJ9USOxOFa7c9H5VK_D36cZzwEgP3Rbyfarl8ja78nU1zOmRPQgsP0jD3Ac7k0sf9o&google_hm=ZzNjNGI1YWZlNDI4NDU3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg80LGjavycOxymGREZKh4Hksy-s4vWJ9USOxOFa7c9H5VK_D36cZzwEgP3Rbyfarl8ja78nU1zOmRPQgsP0jD3Ac7k0sf9o&google_hm=ZzNjNGI1YWZlNDI4NDU3MDBmYjc=
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg80LGjavycOxymGREZKh4Hksy-s4vWJ9USOxOFa7c9H5VK_D36cZzwEgP3Rbyfarl8ja78nU1zOmRPQgsP0jD3Ac7k0sf9o&google_hm=ZzNjNGI1YWZlNDI4NDU3MDBmYjc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2BD5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lid9LRngQpWe3xaSZNd3zlVNEXDxzwtN1QQfiXOOfYQEAFYRbTBCEm9ArJ0XMuInbxcipB
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9E18 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
323406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 447C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Tue, 26 Sep 2023 02:44:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77ae105b6d44f31d97fc180c0c827901d4fc211427015b663b6b93edcdb6e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3738
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:54 GMT
expires
Tue, 26 Sep 2023 02:44:54 GMT
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E8C1 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssR3gYrNtVh5wkwiU83lZw54TVE2jjIRiU3HZnsDkvtDW9WSQDyohwMNaqEySC9SkVU8Sf3gt4SfF2J3wPGvb2ZmM2VuG1QCKTe2w20u6ndWBE61fWR4mKvLxPPO-Pu2gvNpea2_UTcZ5wgxdgJIxMqLBIXuhqs4jgHJcaVFap6TvGwZOY8jdWSeQZMhsoVXkbkDDMPWbS5tjxEVXG8aYkHu4ofgn8Y30QTgyU4sF_JXrwKH8Erdj0EjFhWbWtCzFisTmAqu0gtPqGAS0RnQg9TewVhfmDQ2Ek7qF4-TosuGJfvQIPm7J4CvE-UcGp5YueeQjl2HsBEth5deCO3z0s7XTFTQc4OICk51I4j5bCpXF8M_iZv_EDVlY5SqAkiAKSK7SoC1Ti4zKLD23pQHcLJlHi7_BAOuF7O70fbQJqEKqj_Cgfw6eR0s9mMJVRGgPnhmTJA21HOmOqSGjTWAGx-O58_AFryqtVHByrlFOQRvIMjkxXe4cnHchf2kRv3wTEtrTA1fFapqPQayDfQMS9gy8eREI-NDH6_2uA_3eu-Aot_xhc3h6vMQ-V2twzjoVJPIK1mosaB6MrMawvJxO6eQE7Pl6htG-MUs9i-rGy59uUr2qbrxXcCdQQuFnQZnf_vLT1aKcZvDjEkxZGh7AODn_XUzEFzMSsvzuocyWUsN5QgTWbuE4FgAFWyZHr2YJZJXjMArd30Z1JAAUDPNaBkA1uf-Qd67nrC7I7cBkY8b_LVoqepFEhvgwpvez0DynvQNcsGHDIMdL567gAucrwBDkZGwcwQL6fP9zxKXMUFjICzcdOWizA1uN-Nq1MsVmGeA-1mJ5A1WSzKRO6kjNGDPT1Rf0aUGMqrlDAlgxlYJY4B01QFZxdbbD3vknRIlEtrmfLOfaTVygwwM0Fg3Fiu4b60SqdSiHKsmdRnVNuiu5EXV2EaExoonL9AJljVyqGuxFvGd74KH4zI3CaUSdfVVy0pzPrl2lfSIAOWOf6MRecqoWh7oARBSykRVtZEZWzlXooGU1cunIGtdZEkpDmR-whfq-_ee4SDrrdFyjNkZwO1I3HdGeZMoFeNDY4NMds1gp1kByzAkQjsOsGAsLwLuq_NK4MTQXAiukWy1VwLdKAFmeWhD3duFG_ceHfBymOzP2W5A7y8XFHjBaTarrOrTBlXmcMZfDX6iW8z1CReW9g8cPOZKCrkQZmQ3WVILqBHyGdSnBt6nrntnN9WcJ6Izk4DKI9eZ8Bqkc2l_0U0MppxiVP2X3Gb7Ltge1EifsyHIEC-Jg6fU6eHAQe0A0giMJJuylHFPcJXCihozzeaO345XBzXssiw0zpO4a4&sai=AMfl-YR_UCOkzYVoHQUKNSn1fvCy0aTNEGLn9xmaRIfGUoJFiraXoOKo1GeodJBYaSu1g3sQ17HnRxCK8sIrs_iqvBNKwJQuEbuDLqWPZvB-msf75TXKR0XnoZGaYzaeeLehPXo9Ios2aIuy8dMLf-KcB5NseOJpYeKq5rgl9lyMUAC4LIfKgkxXCWrDksqFqYc-OG3EAom9OhxezWe7S76I0QTtVE2mHL50byc6AJNLRvdHSNp3&sig=Cg0ArKJSzPC_AYojkfAdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=207&cbvp=1&cstd=202&cisv=r20220921.62382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 26 Sep 2022 02:44:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ Frame CC2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQF20Kz5bTaLpjRiDsamFQ3DwInCX9EeZPK59pQzgj1s8vqjrHlGpe1vDx-mtXi6BdwEWTD0zqNAHQVzn1W8j4UmcR0wA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC2B 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:54 GMT
truncated
/ Frame CC2B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
571faa925d7717aa16d0e8fcf8bbebdc71a822771feb80ff88940e8e47ff6039

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2687
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:54 GMT
expires
Mon, 26 Sep 2022 02:44:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:54 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 27 Sep 2022 02:44:54 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 9E18 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/ Frame B0F8 		77 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
197f78b3a280ec5bc36af9031a7008bee1982b9d7bfbbb71ad40e0cec3979ccc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
467720
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
26247
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 16:49:34 GMT
expires
Wed, 20 Sep 2023 16:49:34 GMT
last-modified
Thu, 10 Dec 2020 08:33:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 447C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyQgSJhIxY_GsBsKwx_AP6tye2AiutMvFYK283P_kDMCNtwEQASCqgMMiYLuGgIDQCqAB3o6KhQPIAQmpAkz3zoOgN7I-4AIAqAMByANIqgToAU_Q7aXValyPJzH-DwzY_vHFV6KnNbVF9JlKjLX1G_yEX_ETD-_jC7Yvf8NlmUN0iTlX3vbJJmhFGOl1OBM1VNTb9eQmJ45UOH0j_-Bu5gxa4tWNnaXZ8osY8-6SlgCDASctKhoA00iOD_98ZIZnEq3USSlx0ACf9oTSi51JZtPtVJyfgjVXM_d9NWecpuzNIYlLyjJO-CfuRydK9HJ2HvAQk4_CsKqpnOd5uT1sXvEvDrtmJoPoKF_Fr8AHEXiJHfxhsrmW6zGHllgG71PJpI7IT4KOcz3u3QR_BGIunR1yX0grZBgRAxrABLfqsLCtA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeK8fV6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ7rQH0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgPICwHYEwrQFQGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=7a_YlWqr2iY&uach_m=[UACH]&template_id=419
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 447C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:23:05 GMT
adlib.css
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b62002b3aa74ee137d19b391dca8654b56dae86142648176149bc0d7b823c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1976
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:13 GMT
adStyle.css
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		5 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67aabe986491a87b3c73d96b8546ebc1992ce2da06d7582c69166d409cbd3bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
803
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:13 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 5AFD 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41135
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 15:19:19 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5AFD 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 02:44:54 GMT
Line1.png
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		90 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/Line1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26257f526f756a7a174e3594f12fbfaaa9433dad761332a05f24e61af3e86269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:13 GMT
x-content-type-options
nosniff
age
465161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:13 GMT
Line2.png
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		90 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/Line2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26257f526f756a7a174e3594f12fbfaaa9433dad761332a05f24e61af3e86269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:13 GMT
x-content-type-options
nosniff
age
465161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:13 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:13 GMT
animation.js
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
401aeeebb9ab58cc24707d8a03534d967605fe913d578a740adcfff2ba9c7d28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1309
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:13 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B0F8 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B0F8 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13218
x-xss-protection
0
server
cafe
etag
5545325275904357113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:36:20 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B0F8 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7190496471749427572/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 02:44:54 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 7542 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5DC1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:11:29 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 447C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 447C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:54 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
vdo.player.js
a.vdo.ai/core/assets/ 		651 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/assets/vdo.player.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
via
1.1 varnish-v4
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7508a913cf9f7318-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 23 Jul 2021 13:25:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnqkCUGrJ%2FNGHb7TUhJpgQpwwTkHQoqG1dkYL9hqjIRJO0dZhQXix90IyZyXTnmZl4zM6onZe69D3Psyh2SGsD2VGN108isvjJ%2BK6pQLbhnLlZSlMWqLpjd1CA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
51982423 163851
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
rtb_v6.24.1.js
a.vdo.ai/core/assets/ 		450 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f48cb3b87eb20bd424c98e36cf7b228f52239e5b9265ecf20b4f8598407af88d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
via
1.1 varnish-v4
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7508a913cfa07318-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 01 Sep 2022 06:21:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3%2B%2FGXPswxtOYjiggXVUPJLM%2F7l2RULRLyOc8hRcEDy12nBJtE2kIUlUbsjbgyF1bwicTWLlNh3BsI%2F87jAbmrQXjJY8wykygo6uP4TijQBV2mtPsQQFOwk0eA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
52892588 393232
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=2&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=147931788
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78021
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9814 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Tue, 26 Sep 2023 02:44:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E8C1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssR3gYrNtVh5wkwiU83lZw54TVE2jjIRiU3HZnsDkvtDW9WSQDyohwMNaqEySC9SkVU8Sf3gt4SfF2J3wPGvb2ZmM2VuG1QCKTe2w20u6ndWBE61fWR4mKvLxPPO-Pu2gvNpea2_UTcZ5wgxdgJIxMqLBIXuhqs4jgHJcaVFap6TvGwZOY8jdWSeQZMhsoVXkbkDDMPWbS5tjxEVXG8aYkHu4ofgn8Y30QTgyU4sF_JXrwKH8Erdj0EjFhWbWtCzFisTmAqu0gtPqGAS0RnQg9TewVhfmDQ2Ek7qF4-TosuGJfvQIPm7J4CvE-UcGp5YueeQjl2HsBEth5deCO3z0s7XTFTQc4OICk51I4j5bCpXF8M_iZv_EDVlY5SqAkiAKSK7SoC1Ti4zKLD23pQHcLJlHi7_BAOuF7O70fbQJqEKqj_Cgfw6eR0s9mMJVRGgPnhmTJA21HOmOqSGjTWAGx-O58_AFryqtVHByrlFOQRvIMjkxXe4cnHchf2kRv3wTEtrTA1fFapqPQayDfQMS9gy8eREI-NDH6_2uA_3eu-Aot_xhc3h6vMQ-V2twzjoVJPIK1mosaB6MrMawvJxO6eQE7Pl6htG-MUs9i-rGy59uUr2qbrxXcCdQQuFnQZnf_vLT1aKcZvDjEkxZGh7AODn_XUzEFzMSsvzuocyWUsN5QgTWbuE4FgAFWyZHr2YJZJXjMArd30Z1JAAUDPNaBkA1uf-Qd67nrC7I7cBkY8b_LVoqepFEhvgwpvez0DynvQNcsGHDIMdL567gAucrwBDkZGwcwQL6fP9zxKXMUFjICzcdOWizA1uN-Nq1MsVmGeA-1mJ5A1WSzKRO6kjNGDPT1Rf0aUGMqrlDAlgxlYJY4B01QFZxdbbD3vknRIlEtrmfLOfaTVygwwM0Fg3Fiu4b60SqdSiHKsmdRnVNuiu5EXV2EaExoonL9AJljVyqGuxFvGd74KH4zI3CaUSdfVVy0pzPrl2lfSIAOWOf6MRecqoWh7oARBSykRVtZEZWzlXooGU1cunIGtdZEkpDmR-whfq-_ee4SDrrdFyjNkZwO1I3HdGeZMoFeNDY4NMds1gp1kByzAkQjsOsGAsLwLuq_NK4MTQXAiukWy1VwLdKAFmeWhD3duFG_ceHfBymOzP2W5A7y8XFHjBaTarrOrTBlXmcMZfDX6iW8z1CReW9g8cPOZKCrkQZmQ3WVILqBHyGdSnBt6nrntnN9WcJ6Izk4DKI9eZ8Bqkc2l_0U0MppxiVP2X3Gb7Ltge1EifsyHIEC-Jg6fU6eHAQe0A0giMJJuylHFPcJXCihozzeaO345XBzXssiw0zpO4a4&sai=AMfl-YR_UCOkzYVoHQUKNSn1fvCy0aTNEGLn9xmaRIfGUoJFiraXoOKo1GeodJBYaSu1g3sQ17HnRxCK8sIrs_iqvBNKwJQuEbuDLqWPZvB-msf75TXKR0XnoZGaYzaeeLehPXo9Ios2aIuy8dMLf-KcB5NseOJpYeKq5rgl9lyMUAC4LIfKgkxXCWrDksqFqYc-OG3EAom9OhxezWe7S76I0QTtVE2mHL50byc6AJNLRvdHSNp3&sig=Cg0ArKJSzPC_AYojkfAdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=508&vt=11&dtpt=301&dett=3&cstd=202&cisv=r20220921.62382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ Frame 447C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGhfZ2ZTxCEIuZxegbnmafgMHztBbVhFVnaGoVOfdtE-AghewNwI4jnN6HELH478Ov6cJnPtw-HFJCfEIRkqyx0-uHVA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 447C 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:54 GMT
truncated
/ Frame 447C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab98662410a6a4b8c7ea68edc9b6b195a8c9c6de779f06889c20959c646c5007

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame B0F8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5AFD 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b6b404a6284e3994181e1b900ca645fd580ff3e780f8d96f536703b6c4c74d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5686
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5DC1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:54 GMT
expires
Mon, 26 Sep 2022 02:44:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:54 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame DBE0 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGKiD7tIBMAE&v=APEucNUJFAZ3r96uUDgJQx3LD9R4lI_uSPj1a1ROtavFs3FZUkvY3cdQGE7liI9Une-nTIEaE85xZsQaYhKexGAGi2cMIINp0z2W7KbYvPHD9E_uCGWbBLWjkwKsD8ci6SaTaIEkUbi2NLkoDg-v9FYlqmwjNfB6LP49EzaBoYUW4pXoJFeQcPcc0ewgxj4xub24PUufALpU3uOa_Rz0RXJZkqPbklvLsQ
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9814 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWqrFDoKSNmFyuO65SO1nc4Yb3ikL9S1pvPYWmtn5EVT1mGaVF25Kr9147pFvnMkpfbM-fVG3MMjIpiNRoMdbQ_Zzcna63_SaZ-GHTg8jry_j7NskjmCS17oova4OJ2lgHfbbR9Zm99LAwcj018_nz9-GESiZngkfI2R1frKSOFT43xm4&cry=1&dbm_d=AKAmf-DMotrX7DRZ30vGvDmeT0PiH6ENO6AT4U1ETGJNk7utVU-KV50bt6oIhoyFxz8Dw2rCuRxeVMq4Vc6BMSxuLTVhwNb5x9dFTrvuMrBwDclZD3tLNr111hMhD4HDKBCpTS99gWGUMIplaS-1aJerzjDAzpJKgJKHdu0xYupcrDiHOAflBT6XuYo4iainQOJzWD1DOIIR-hgYJjSNeO6RuCq4bercVDfS9n1EZ-mBhMG3debwhCbMXqO_lRwyBVATuUUIF9H4nt84FYJbgurfliZCocD5BP9hGMQbw95OpcWKVE7rWF56r5Qq3fnZadA2itm1tzkkXC6VD8UOYr1nIXmNQJigMAWe1NqwK5LLSKrZLNzvNB-4VBElX2BpOBiji0BDIfnG3h4LMZRmYFO_Lyt9MrDx7XEfw2e-oYv9k8F6zKT3j4PQopoQlIKnetZC0Pz1KCDrGRUwnC_qXQvb4BxZl-P0A52FwVz2jUPlVyCFBK54h_V4RYTsppZIJDBGNxi4wnFHY3K0ZlAQ87ogFtDkEdSqUICa0AHO1TQTXZ4GZ6IrKadnBTRadTLifoMP1dmSlzHv3QsQAEMkzap_q65oN-3nvdBwgzGoRhdS0zVaoXeBwPPeC9NOsXRfupA0m1McOVMDWIhBKZWA3BwTi8Tjbs9sDIAj9ielwpDQkH0yyHKy-Tc1-DqFsNEraeiH5F-96V-hFdoCTdsqVxoZzTLPB5jBvXeKm0RaKTxOefDslnFTtv9QaywMHqKLQ79qgIZNk1zm__XdoqjfPhQ7AX9D-drpK0igxlE2jLKrVAnFClomQsrtNfUIKyM0vrwZ1YauEjIuSJ6SwaELi56XxlseSC6xU-b764DyJhN3qWomz764UZYlcRY1QEy6Fh9oPfXU3LD2DO-sqqKiqY_WhPk2cIFF60r_en_Zjs6LqKb6ScuHKHEpYrkJd-AfJIT0WzoNjJR4a0vdzD-NYKSxeYBlOfBGC7jmVNwMe1IkkBGTKAy7iigNmJXasnXA4X_ya9uEBlC3TL5N1HsFu9QceLZmy1P6f4s-d6XXguuLlRSXu9nmOCwvAJ-pUZTN_GrZ1j5_wvRjXglb753dKbrjEF5TmMF_2c7IdC_KtPdehnBOLFs1KFwKRYLMgBc2sX_7adpS8-gVR2mtYDoAIuwxdPhbFb6tWxLRSWbFc-6bfCFzP0Siy5fLvYRAFsMCrFNFq4xx-DBOrvYjzu2UKYjzNNETzKCdsQGJIVrBkltknQQTOY3Ru938YCgUdq62tvc8FaqspAbRfKIqk1FRERGmut5l_nk1vH8Qjzm0jSZKKqZyV1W4C340HhtyD4R79ZK7b5X6xlfzzQi-Q7nOxHlxE4cAcu-WOQynxvBbQmIJGfceoN0YBUjtjK4cMiFxPMQXD8XZSaxwTv1nVI3FaA-pLgR1Y3k4jJQsK-5_bbRhHSXfkXLm-t2AC2olT0Ck9zurzl04wfo9i10XGN8kTLRMGkmIDG0U2ZUVXN7484rXb5lNRXervOU23lNvV7hqraj5lTc0yzmIW3zLkDy6IIPLS-CFt80mi6lz0T7IUwFZ62HgVp5ouLuOfnTvVMkZpQPXP5wjI7-qSC1cl38QQyd4d0DiJhhKY8gJDnAF9wpeXAt968C2l079uhfyAcGk-45bA3Op83p4kAVCpyC1cftiJstJns1mwPQWqsikuQv9FsY0kjH0KHkeSvu5vjWM1xhEevT_zIzef61eaUuCV_eNaofDYQkHFMbu4DzIRpd5ztxKPqlWkq9o7tz6Q10uLEW6RqjeDGJEkwGuLutPA-Q-0tJVvyLP2ZjRa_DP21rR8YPQRS-V0IQe_KANk9CW3W9nPTN-MFTKNmvjrcAMFmX9Z1tqppDQlNFyXMRFFUWF_Pbv5BnL5qxZOb1q--iyhbmY5GXAWRX3Wq8VYzH3vlcuhPflWqd5MycdMULBrMImauNeoA9wfxA3UUbF6TGbTeJOiOXog6eU4fT-ycf2wrC1cvcBKx_UZ3UapZERwasXUHwvJizmRZAI1HNVr9r0vIr6gEUNEZjUV64S4fdI3Fmy59mKr-oZRUSjq523DxAgplDIPFW1EgaLcGpDtwOOKBcLjSzwsVipj3AghcpNuiJYd1FC7zSSIeXIym9P5B11gSFbQh3Nnpk4LZk3oYVFCcus9_6shDfyB16IuiKRR5u3hwOONuK9QAqqeFHX5uphKQUs1ofn8x0JBBKO6i7E6IV-4O3AUbY5svjt-HJ-P-3O3MboCuE5c2JpFr7u45PRC0vi_5orWlEBMttE6-lDKUSb-5DBG1CoYmQwxlIOpvQ7rMaNLUe0PUEHV6JUPw285HCbIaMnuKNJnqw1aXTu3Dnw7dD_wW8I0rJqKleI4WDCCLro_byDL3s-uS3YKCQX_iMz-K7Rc5kClNdMFvivhtTtPuq43Lv19N9YAPZF6Et4LfK4-erXQpireLNLVM7xLYMAZed0NYI7oOyQpbD71XR2f6QF3ZyBrLIfZR1AIwyb9-JslnYZ3Ig80jIvpFeo1eE0CE6o6vqlc5aFerU-tKt1g6fw89GSB_2ZPTSHIzIR8lTSlw_KDhwBcwEkWe8abAx7c04kv6r7bBtSb1wIcvOAZTkCVeA80G6Y1qsxu2hSEiyw8KQxAKuEF3wF59TfdodAo1P-B9ZgiBH-cLmea3xOOm7NO13CvhqwWbrZ3tTQGJ6BXEXIiN3tXFheKM9viv-uOcpEL4j59Sp_jVJXSp2_m6Y-gbqLU7NoQj4TdoegQhDhttFnLCcobT1pCkPbequzeNAEU8qmD2neFlFIz8YpBAB9ldZ3XmSpRclMDOpwZ6lF24h0NwFkvcbV-s7p2fvuV9wOFfx--rxO-fIScOogjFj10qqY_d-j4nT5LP8R5CLy3-remt3u7HBqksYXyQzOYdoRhjf2Qif4cTvfl2URWWDtrRtaTDZTfMJ-e1_9BKvGEi16hk49wJVHOsL3vKUcOm7gA_Nb9WKhf4vFUViBwVWsDLgTB758DDH05M0ZeXkUvKAJKZKNpu3qeSHZcxvOA7N2tQd326Vv12unozraMm0gSbQBo6Of1iECukO5AzdPuTLm6keCxipN5wwAavZ9NeqX_htgpNXYH7E7JlVxHqINRHA-x6OH36_ghmEBxedHH29yEqqLSqjgjUS5EF6kFh4sAoREDGrzioxygDShyKBHBko0fhu4mb3n5N0iBJBjJ6Jx1paYL96Yap0odDZoIHMs3Xeq16VqYmxq5aA7OaGQNA6gaRMuRVTSL4SoOTqrBiEW9fVRvnMnuGlcjzlhfiVcuFXA92YlzPX-8vp4wnX9LXEFm0Gca0bYr1ldRVH6roM36tNz00N_xFrRFLhIWHXQJ12X-J7pmYUrTVeHdtZ9tL_LcpFm_10xf0EcBJ2c-0Vimsn84JlS17vKkmxgqKS-7SQzt4YfWCEeiyVaWAqg2XDnD42guv6ChteHquRYF3XGtJB0lU_eF_YPDUWmqkymoP9aWA-ylY14K8SrxfudIy8OeXGPVK4LSq7rEnUNFRRXa0oBYajTCA3U9YmzZJTSZO3qTzgL6iaVJbj8ojwbE3474eOSXYoUYfYYOyewPauOjw8IX3nkXw7SIrvv5w2fw-auKccCakR4XkYSFmfg2LYo_oemWNyriZ3QW7kX7fcEiz0QCaxAk2f2x4hpwr-FCirEw9nXU6h-1Wn_f2Lv3YUeENxh1M5Wa7Ip1h_XIZB5ziLv8K7JMIcMNGe1zL4vSwpSdixFvlAskF4q1HvHgfEwH3cau5QxyG8VMSjKnzcGanA5ppK3urS-lgLtIA7ucy616xWkybFShqYliSOHtCne&cid=CAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9378552ed88555f9834b2511b350b7d144e1c09a76e4a37048caf89b1d582c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17107
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9814 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BikxPOlmyx1EARwkAyISc_VokNWtqDNLZEIyxAs3IExXuGXAZteai-Kk8I7l_ZVYhcMmFX0sZRPQCtIpk6XADdqBqgIU0O7-FsDkrmBs85Obfp-yU
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1168448/65593785/dcm/ Frame 9814 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1168448/65593785/dcm/dcmads.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.148.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-148-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d8ae2456d454bfef06d18262ce0a208af8484bd148ae9d716d2ae91ef806bdfe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 9814 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=15011189519&pubId=1&chanId=42757578513&placementId=442204584&dealId=549644393847897261&adsafe_par&impId=ABAjH0gBz1JF1V01RkLttkL1Ajiq&bidurl=https://subject.com.ua/
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.71.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f1d73b245960d6e7ae79aec14d64b70dd05c6b9489e4172725d62c27312dc4ae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9814 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 9814 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9814 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E18 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJofdJhIxY_P5BY2p3gPqyq2IBAAAAAA4AeAEAg&bg=!AwClAETNAAYIxsuQKMY7ACkAdvg8Whl7bv-OIRHZkXYn5fv7i7iO95nSBl1D-1ruv6ZEFU7xlRU1PQIAAAEwUgAAAANoAQeZAvO1c3EUqeMOQo8BLcCZjF_5QWvJzkd3GTeuvCyGjsct7bKNug2_ZI2i4FE3hDretT0VgQrZss1hDGV-XamuyjTZlW6VlHs4kbuYRMLw6R01t5KijNT3quUf-JT2v_5AITOXcDbyCA4k1r3NKZPRZMcB5iK9rmLA_ffE_CsFZ1VqHUlMcudmEJL1qcnPhU2Ic_nx6SUzuN5GelPhhk5TmSK38ZfSs36b0RSBRZHgp1lsGSHzBWI8JcURII5KOWXjGOxWX0L6uLeIWs7nuFxXgdBkSUzNb3vlQY4g9Ld3MmrY6JtzIwQXzONZCsqNdw2_rCGIILMLncGgSiuFyQci0z1qH44IhKuOdB0Njtg_p1ea4zLoiDz-KTj4OqEnt6J_b7wkE7jDjb80JqtlOP6yAa5WZGMZDtBL2WgBmLJEvI_Bdbi-E8pBVi20cHiLlz6vfGr9D4DTeBoks7k-mOsw01_XSFBsz6vsdb22OF0UibiEyXLxeVOTuzTGNBzqmzRCX8tWRMR0I8VpA-4Zn2TKRqlqWN_frY4xO0dyQ2796_5pgOV_nADWl2BNQEultXjseofc3S267B5ZE4EyUT7AVLtidaFWTUFdYmSeuQ6COgvWYi-9fTB6lHTXR5ztQzIgfN7zvy4cHr2t-NxzujaAxZLY1J5dIFsC0wo7eFRlo4sljfLDVNELBzk2f2UHDexxjAd8lYurpKwhZmv3_kJHv635iZ5KgvO1SaBKZxqrpE0Gaz4pki86ZvHN128JKh3a7aZNB253OkOvXEO-5ZOk_bY3V89pnKy_vMFLaAcVQCXDJxCd6HwbEY54DsoUPnoEFFdtbq2sWDDMDwpEG9LcalluC_KLcWR-X4Vm-mNWnwtfJM2Zv1W3ktj7EJzOOxMB8pMs5cetMCUq0JOYIv-dsEPDVlRqir3Ht7QNrock18wjR_Lqr4QpmRkwAVoHVzDMHjHMFBu7Uqqvj-PJHPrL-ZUUU2_bUyXRQb9QZe4yCVPivopNIg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DBE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGKiD7tIBMAE&v=APEucNUJFAZ3r96uUDgJQx3LD9R4lI_uSPj1a1ROtavFs3FZUkvY3cdQGE7liI9Une-nTIEaE85xZsQaYhKexGAGi2cMIINp0z2W7KbYvPHD9E_uCGWbBLWjkwKsD8ci6SaTaIEkUbi2NLkoDg-v9FYlqmwjNfB6LP49EzaBoYUW4pXoJFeQcPcc0ewgxj4xub24PUufALpU3uOa_Rz0RXJZkqPbklvLsQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9139c484072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh55wt%2FVzV2t0GZ0kuY9vBrahr4EtmtGNyfC%2FpGE2RhdVzjsNQr0%2BqZ307J0jRjeITxeMCnql4pDj1o32FKWqxilYJALS%2FCIQmjTAIt9Fk11pn%2FA62zjTkCSxQnUxzRn%2FaCcBmIXyEMngg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DBE0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGKiD7tIBMAE&v=APEucNUJFAZ3r96uUDgJQx3LD9R4lI_uSPj1a1ROtavFs3FZUkvY3cdQGE7liI9Une-nTIEaE85xZsQaYhKexGAGi2cMIINp0z2W7KbYvPHD9E_uCGWbBLWjkwKsD8ci6SaTaIEkUbi2NLkoDg-v9FYlqmwjNfB6LP49EzaBoYUW4pXoJFeQcPcc0ewgxj4xub24PUufALpU3uOa_Rz0RXJZkqPbklvLsQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9145ca84072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnlQ3dJ%2FyE%2FZs%2Fds5cQDLQgn%2FCcfloNv94L2YPvYoSrbCOCTVRjKBfaLtKZty%2FoTUsBjGx2XXtd0EVGNbOuZ2divUl5oEOHA%2B1G6xNAhgoA46p3WW734%2F5WtQpMaYgaK3Flm%2FITrZjrj6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlM4araYEcJy_0ISyhc46Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DBE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECu9kE0Zxt-r4mmF-sMU37k&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECu9kE0Zxt-r4mmF-sMU37k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGKiD7tIBMAE&v=APEucNUJFAZ3r96uUDgJQx3LD9R4lI_uSPj1a1ROtavFs3FZUkvY3cdQGE7liI9Une-nTIEaE85xZsQaYhKexGAGi2cMIINp0z2W7KbYvPHD9E_uCGWbBLWjkwKsD8ci6SaTaIEkUbi2NLkoDg-v9FYlqmwjNfB6LP49EzaBoYUW4pXoJFeQcPcc0ewgxj4xub24PUufALpU3uOa_Rz0RXJZkqPbklvLsQ
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:54 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d6b1c350-d610-4750-b38b-3a63e0065316
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECu9kE0Zxt-r4mmF-sMU37k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DBE0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGKiD7tIBMAE&v=APEucNUJFAZ3r96uUDgJQx3LD9R4lI_uSPj1a1ROtavFs3FZUkvY3cdQGE7liI9Une-nTIEaE85xZsQaYhKexGAGi2cMIINp0z2W7KbYvPHD9E_uCGWbBLWjkwKsD8ci6SaTaIEkUbi2NLkoDg-v9FYlqmwjNfB6LP49EzaBoYUW4pXoJFeQcPcc0ewgxj4xub24PUufALpU3uOa_Rz0RXJZkqPbklvLsQ
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:54 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
56f7605d-209e-4b27-8cb3-5173d8f1e9b5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bgPizza.png_1663252159749_bgPizza.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/bgPizza.png_1663252159749_bgPizza.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84eda06fb0e7a97ac73a8b9cd81f25a754a534bb46a38a2e6591cceaae931ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 16:49:33 GMT
x-content-type-options
nosniff
age
467721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139009
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 16:49:33 GMT
newbgBurger_160x600.png_1663252159749_newbgBurger_160x600.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v3/partners/5f97d957694f690006bb0887/assets/singleFiles/6318d45f6220bf489bc9b8fd/original/ Frame 5AFD 		293 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v3/partners/5f97d957694f690006bb0887/assets/singleFiles/6318d45f6220bf489bc9b8fd/original/newbgBurger_160x600.png_1663252159749_newbgBurger_160x600.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff72baa14c598eead50162d03549c3987c4d370d16e3714e0ad78bad3368b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 16:49:40 GMT
x-content-type-options
nosniff
age
467714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
300237
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 16:49:40 GMT
bgGreen.png_1663252159749_bgGreen.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/bgGreen.png_1663252159749_bgGreen.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56ea42e9abee0dee184e17c10be89ce3c54b1c59e5f643a36c76b0bea344deef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 16:49:39 GMT
x-content-type-options
nosniff
age
467715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2696
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 16:49:39 GMT
deliverooPresents.png_1663252159749_deliverooPresents.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/deliverooPresents.png_1663252159749_deliverooPresents.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5119cd6572709b118ba42b8a63800d762d60f9a0beb50c0583dbaf4815c4784f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 16:49:34 GMT
x-content-type-options
nosniff
age
467720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10859
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 16:49:34 GMT
morrisonsLogo.png_1663252159749_morrisonsLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/morrisonsLogo.png_1663252159749_morrisonsLogo.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2d5e937f6c5374bb949676c2b77cbfe4c263bbbc16fef2f58f6b0d3fe314dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:25 GMT
x-content-type-options
nosniff
age
465149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5023
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 17:32:25 GMT
waitroseLogo.png_1663252159749_waitroseLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/waitroseLogo.png_1663252159749_waitroseLogo.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6842aa09453819e001f6e728ab1903111e0d51dfec2cfad3cf37b83934f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:25 GMT
x-content-type-options
nosniff
age
465149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3827
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 17:32:25 GMT
sainsburyLogo.png_1663252159749_sainsburyLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/sainsburyLogo.png_1663252159749_sainsburyLogo.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b19e3558f61d77fefde0bdf7f62db03dc3ccd78fceea8e1bf89762d1c81127c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:25 GMT
x-content-type-options
nosniff
age
465149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4203
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 17:32:25 GMT
smallLogoGreen.png_1663252159749_smallLogoGreen.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/smallLogoGreen.png_1663252159749_smallLogoGreen.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
381a124d638ab510f71d09722a1023400d0dce2be6cf0212f29c17eb4dd2255e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:25 GMT
x-content-type-options
nosniff
age
465149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1192
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 17:32:25 GMT
smallLogoWhite.png_1663252159749_smallLogoWhite.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		975 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/smallLogoWhite.png_1663252159749_smallLogoWhite.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bed4a74b7635879aa6e90938d83ac7aabb21ebbd258a62c9edbb2661d4c25918
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:25 GMT
x-content-type-options
nosniff
age
465149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
975
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 17:32:25 GMT
engLogo.png_1663252159749_engLogo.png
s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/ Frame 5AFD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11009353/cdn.ad-lib.io/v2/partners/5f97d957694f690006bb0887/assets/concepts/624c5c1c43129612afb40e2a/templates/6267fd11fb31e7820d837763/content/engLogo.png_1663252159749_engLogo.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35e4f11d5b6195be51a9c7bce166a21287bf6820f3a6e65516f6d3d4217fcf13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/index.html?e=69&leftOffset=0&topOffset=0&c=pxBbwy4RyQ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:25 GMT
x-content-type-options
nosniff
age
465149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6193
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 14:29:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 17:32:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 9814 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWqrFDoKSNmFyuO65SO1nc4Yb3ikL9S1pvPYWmtn5EVT1mGaVF25Kr9147pFvnMkpfbM-fVG3MMjIpiNRoMdbQ_Zzcna63_SaZ-GHTg8jry_j7NskjmCS17oova4OJ2lgHfbbR9Zm99LAwcj018_nz9-GESiZngkfI2R1frKSOFT43xm4&cry=1&dbm_d=AKAmf-DMotrX7DRZ30vGvDmeT0PiH6ENO6AT4U1ETGJNk7utVU-KV50bt6oIhoyFxz8Dw2rCuRxeVMq4Vc6BMSxuLTVhwNb5x9dFTrvuMrBwDclZD3tLNr111hMhD4HDKBCpTS99gWGUMIplaS-1aJerzjDAzpJKgJKHdu0xYupcrDiHOAflBT6XuYo4iainQOJzWD1DOIIR-hgYJjSNeO6RuCq4bercVDfS9n1EZ-mBhMG3debwhCbMXqO_lRwyBVATuUUIF9H4nt84FYJbgurfliZCocD5BP9hGMQbw95OpcWKVE7rWF56r5Qq3fnZadA2itm1tzkkXC6VD8UOYr1nIXmNQJigMAWe1NqwK5LLSKrZLNzvNB-4VBElX2BpOBiji0BDIfnG3h4LMZRmYFO_Lyt9MrDx7XEfw2e-oYv9k8F6zKT3j4PQopoQlIKnetZC0Pz1KCDrGRUwnC_qXQvb4BxZl-P0A52FwVz2jUPlVyCFBK54h_V4RYTsppZIJDBGNxi4wnFHY3K0ZlAQ87ogFtDkEdSqUICa0AHO1TQTXZ4GZ6IrKadnBTRadTLifoMP1dmSlzHv3QsQAEMkzap_q65oN-3nvdBwgzGoRhdS0zVaoXeBwPPeC9NOsXRfupA0m1McOVMDWIhBKZWA3BwTi8Tjbs9sDIAj9ielwpDQkH0yyHKy-Tc1-DqFsNEraeiH5F-96V-hFdoCTdsqVxoZzTLPB5jBvXeKm0RaKTxOefDslnFTtv9QaywMHqKLQ79qgIZNk1zm__XdoqjfPhQ7AX9D-drpK0igxlE2jLKrVAnFClomQsrtNfUIKyM0vrwZ1YauEjIuSJ6SwaELi56XxlseSC6xU-b764DyJhN3qWomz764UZYlcRY1QEy6Fh9oPfXU3LD2DO-sqqKiqY_WhPk2cIFF60r_en_Zjs6LqKb6ScuHKHEpYrkJd-AfJIT0WzoNjJR4a0vdzD-NYKSxeYBlOfBGC7jmVNwMe1IkkBGTKAy7iigNmJXasnXA4X_ya9uEBlC3TL5N1HsFu9QceLZmy1P6f4s-d6XXguuLlRSXu9nmOCwvAJ-pUZTN_GrZ1j5_wvRjXglb753dKbrjEF5TmMF_2c7IdC_KtPdehnBOLFs1KFwKRYLMgBc2sX_7adpS8-gVR2mtYDoAIuwxdPhbFb6tWxLRSWbFc-6bfCFzP0Siy5fLvYRAFsMCrFNFq4xx-DBOrvYjzu2UKYjzNNETzKCdsQGJIVrBkltknQQTOY3Ru938YCgUdq62tvc8FaqspAbRfKIqk1FRERGmut5l_nk1vH8Qjzm0jSZKKqZyV1W4C340HhtyD4R79ZK7b5X6xlfzzQi-Q7nOxHlxE4cAcu-WOQynxvBbQmIJGfceoN0YBUjtjK4cMiFxPMQXD8XZSaxwTv1nVI3FaA-pLgR1Y3k4jJQsK-5_bbRhHSXfkXLm-t2AC2olT0Ck9zurzl04wfo9i10XGN8kTLRMGkmIDG0U2ZUVXN7484rXb5lNRXervOU23lNvV7hqraj5lTc0yzmIW3zLkDy6IIPLS-CFt80mi6lz0T7IUwFZ62HgVp5ouLuOfnTvVMkZpQPXP5wjI7-qSC1cl38QQyd4d0DiJhhKY8gJDnAF9wpeXAt968C2l079uhfyAcGk-45bA3Op83p4kAVCpyC1cftiJstJns1mwPQWqsikuQv9FsY0kjH0KHkeSvu5vjWM1xhEevT_zIzef61eaUuCV_eNaofDYQkHFMbu4DzIRpd5ztxKPqlWkq9o7tz6Q10uLEW6RqjeDGJEkwGuLutPA-Q-0tJVvyLP2ZjRa_DP21rR8YPQRS-V0IQe_KANk9CW3W9nPTN-MFTKNmvjrcAMFmX9Z1tqppDQlNFyXMRFFUWF_Pbv5BnL5qxZOb1q--iyhbmY5GXAWRX3Wq8VYzH3vlcuhPflWqd5MycdMULBrMImauNeoA9wfxA3UUbF6TGbTeJOiOXog6eU4fT-ycf2wrC1cvcBKx_UZ3UapZERwasXUHwvJizmRZAI1HNVr9r0vIr6gEUNEZjUV64S4fdI3Fmy59mKr-oZRUSjq523DxAgplDIPFW1EgaLcGpDtwOOKBcLjSzwsVipj3AghcpNuiJYd1FC7zSSIeXIym9P5B11gSFbQh3Nnpk4LZk3oYVFCcus9_6shDfyB16IuiKRR5u3hwOONuK9QAqqeFHX5uphKQUs1ofn8x0JBBKO6i7E6IV-4O3AUbY5svjt-HJ-P-3O3MboCuE5c2JpFr7u45PRC0vi_5orWlEBMttE6-lDKUSb-5DBG1CoYmQwxlIOpvQ7rMaNLUe0PUEHV6JUPw285HCbIaMnuKNJnqw1aXTu3Dnw7dD_wW8I0rJqKleI4WDCCLro_byDL3s-uS3YKCQX_iMz-K7Rc5kClNdMFvivhtTtPuq43Lv19N9YAPZF6Et4LfK4-erXQpireLNLVM7xLYMAZed0NYI7oOyQpbD71XR2f6QF3ZyBrLIfZR1AIwyb9-JslnYZ3Ig80jIvpFeo1eE0CE6o6vqlc5aFerU-tKt1g6fw89GSB_2ZPTSHIzIR8lTSlw_KDhwBcwEkWe8abAx7c04kv6r7bBtSb1wIcvOAZTkCVeA80G6Y1qsxu2hSEiyw8KQxAKuEF3wF59TfdodAo1P-B9ZgiBH-cLmea3xOOm7NO13CvhqwWbrZ3tTQGJ6BXEXIiN3tXFheKM9viv-uOcpEL4j59Sp_jVJXSp2_m6Y-gbqLU7NoQj4TdoegQhDhttFnLCcobT1pCkPbequzeNAEU8qmD2neFlFIz8YpBAB9ldZ3XmSpRclMDOpwZ6lF24h0NwFkvcbV-s7p2fvuV9wOFfx--rxO-fIScOogjFj10qqY_d-j4nT5LP8R5CLy3-remt3u7HBqksYXyQzOYdoRhjf2Qif4cTvfl2URWWDtrRtaTDZTfMJ-e1_9BKvGEi16hk49wJVHOsL3vKUcOm7gA_Nb9WKhf4vFUViBwVWsDLgTB758DDH05M0ZeXkUvKAJKZKNpu3qeSHZcxvOA7N2tQd326Vv12unozraMm0gSbQBo6Of1iECukO5AzdPuTLm6keCxipN5wwAavZ9NeqX_htgpNXYH7E7JlVxHqINRHA-x6OH36_ghmEBxedHH29yEqqLSqjgjUS5EF6kFh4sAoREDGrzioxygDShyKBHBko0fhu4mb3n5N0iBJBjJ6Jx1paYL96Yap0odDZoIHMs3Xeq16VqYmxq5aA7OaGQNA6gaRMuRVTSL4SoOTqrBiEW9fVRvnMnuGlcjzlhfiVcuFXA92YlzPX-8vp4wnX9LXEFm0Gca0bYr1ldRVH6roM36tNz00N_xFrRFLhIWHXQJ12X-J7pmYUrTVeHdtZ9tL_LcpFm_10xf0EcBJ2c-0Vimsn84JlS17vKkmxgqKS-7SQzt4YfWCEeiyVaWAqg2XDnD42guv6ChteHquRYF3XGtJB0lU_eF_YPDUWmqkymoP9aWA-ylY14K8SrxfudIy8OeXGPVK4LSq7rEnUNFRRXa0oBYajTCA3U9YmzZJTSZO3qTzgL6iaVJbj8ojwbE3474eOSXYoUYfYYOyewPauOjw8IX3nkXw7SIrvv5w2fw-auKccCakR4XkYSFmfg2LYo_oemWNyriZ3QW7kX7fcEiz0QCaxAk2f2x4hpwr-FCirEw9nXU6h-1Wn_f2Lv3YUeENxh1M5Wa7Ip1h_XIZB5ziLv8K7JMIcMNGe1zL4vSwpSdixFvlAskF4q1HvHgfEwH3cau5QxyG8VMSjKnzcGanA5ppK3urS-lgLtIA7ucy616xWkybFShqYliSOHtCne&cid=CAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:37:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9814 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWqrFDoKSNmFyuO65SO1nc4Yb3ikL9S1pvPYWmtn5EVT1mGaVF25Kr9147pFvnMkpfbM-fVG3MMjIpiNRoMdbQ_Zzcna63_SaZ-GHTg8jry_j7NskjmCS17oova4OJ2lgHfbbR9Zm99LAwcj018_nz9-GESiZngkfI2R1frKSOFT43xm4&cry=1&dbm_d=AKAmf-DMotrX7DRZ30vGvDmeT0PiH6ENO6AT4U1ETGJNk7utVU-KV50bt6oIhoyFxz8Dw2rCuRxeVMq4Vc6BMSxuLTVhwNb5x9dFTrvuMrBwDclZD3tLNr111hMhD4HDKBCpTS99gWGUMIplaS-1aJerzjDAzpJKgJKHdu0xYupcrDiHOAflBT6XuYo4iainQOJzWD1DOIIR-hgYJjSNeO6RuCq4bercVDfS9n1EZ-mBhMG3debwhCbMXqO_lRwyBVATuUUIF9H4nt84FYJbgurfliZCocD5BP9hGMQbw95OpcWKVE7rWF56r5Qq3fnZadA2itm1tzkkXC6VD8UOYr1nIXmNQJigMAWe1NqwK5LLSKrZLNzvNB-4VBElX2BpOBiji0BDIfnG3h4LMZRmYFO_Lyt9MrDx7XEfw2e-oYv9k8F6zKT3j4PQopoQlIKnetZC0Pz1KCDrGRUwnC_qXQvb4BxZl-P0A52FwVz2jUPlVyCFBK54h_V4RYTsppZIJDBGNxi4wnFHY3K0ZlAQ87ogFtDkEdSqUICa0AHO1TQTXZ4GZ6IrKadnBTRadTLifoMP1dmSlzHv3QsQAEMkzap_q65oN-3nvdBwgzGoRhdS0zVaoXeBwPPeC9NOsXRfupA0m1McOVMDWIhBKZWA3BwTi8Tjbs9sDIAj9ielwpDQkH0yyHKy-Tc1-DqFsNEraeiH5F-96V-hFdoCTdsqVxoZzTLPB5jBvXeKm0RaKTxOefDslnFTtv9QaywMHqKLQ79qgIZNk1zm__XdoqjfPhQ7AX9D-drpK0igxlE2jLKrVAnFClomQsrtNfUIKyM0vrwZ1YauEjIuSJ6SwaELi56XxlseSC6xU-b764DyJhN3qWomz764UZYlcRY1QEy6Fh9oPfXU3LD2DO-sqqKiqY_WhPk2cIFF60r_en_Zjs6LqKb6ScuHKHEpYrkJd-AfJIT0WzoNjJR4a0vdzD-NYKSxeYBlOfBGC7jmVNwMe1IkkBGTKAy7iigNmJXasnXA4X_ya9uEBlC3TL5N1HsFu9QceLZmy1P6f4s-d6XXguuLlRSXu9nmOCwvAJ-pUZTN_GrZ1j5_wvRjXglb753dKbrjEF5TmMF_2c7IdC_KtPdehnBOLFs1KFwKRYLMgBc2sX_7adpS8-gVR2mtYDoAIuwxdPhbFb6tWxLRSWbFc-6bfCFzP0Siy5fLvYRAFsMCrFNFq4xx-DBOrvYjzu2UKYjzNNETzKCdsQGJIVrBkltknQQTOY3Ru938YCgUdq62tvc8FaqspAbRfKIqk1FRERGmut5l_nk1vH8Qjzm0jSZKKqZyV1W4C340HhtyD4R79ZK7b5X6xlfzzQi-Q7nOxHlxE4cAcu-WOQynxvBbQmIJGfceoN0YBUjtjK4cMiFxPMQXD8XZSaxwTv1nVI3FaA-pLgR1Y3k4jJQsK-5_bbRhHSXfkXLm-t2AC2olT0Ck9zurzl04wfo9i10XGN8kTLRMGkmIDG0U2ZUVXN7484rXb5lNRXervOU23lNvV7hqraj5lTc0yzmIW3zLkDy6IIPLS-CFt80mi6lz0T7IUwFZ62HgVp5ouLuOfnTvVMkZpQPXP5wjI7-qSC1cl38QQyd4d0DiJhhKY8gJDnAF9wpeXAt968C2l079uhfyAcGk-45bA3Op83p4kAVCpyC1cftiJstJns1mwPQWqsikuQv9FsY0kjH0KHkeSvu5vjWM1xhEevT_zIzef61eaUuCV_eNaofDYQkHFMbu4DzIRpd5ztxKPqlWkq9o7tz6Q10uLEW6RqjeDGJEkwGuLutPA-Q-0tJVvyLP2ZjRa_DP21rR8YPQRS-V0IQe_KANk9CW3W9nPTN-MFTKNmvjrcAMFmX9Z1tqppDQlNFyXMRFFUWF_Pbv5BnL5qxZOb1q--iyhbmY5GXAWRX3Wq8VYzH3vlcuhPflWqd5MycdMULBrMImauNeoA9wfxA3UUbF6TGbTeJOiOXog6eU4fT-ycf2wrC1cvcBKx_UZ3UapZERwasXUHwvJizmRZAI1HNVr9r0vIr6gEUNEZjUV64S4fdI3Fmy59mKr-oZRUSjq523DxAgplDIPFW1EgaLcGpDtwOOKBcLjSzwsVipj3AghcpNuiJYd1FC7zSSIeXIym9P5B11gSFbQh3Nnpk4LZk3oYVFCcus9_6shDfyB16IuiKRR5u3hwOONuK9QAqqeFHX5uphKQUs1ofn8x0JBBKO6i7E6IV-4O3AUbY5svjt-HJ-P-3O3MboCuE5c2JpFr7u45PRC0vi_5orWlEBMttE6-lDKUSb-5DBG1CoYmQwxlIOpvQ7rMaNLUe0PUEHV6JUPw285HCbIaMnuKNJnqw1aXTu3Dnw7dD_wW8I0rJqKleI4WDCCLro_byDL3s-uS3YKCQX_iMz-K7Rc5kClNdMFvivhtTtPuq43Lv19N9YAPZF6Et4LfK4-erXQpireLNLVM7xLYMAZed0NYI7oOyQpbD71XR2f6QF3ZyBrLIfZR1AIwyb9-JslnYZ3Ig80jIvpFeo1eE0CE6o6vqlc5aFerU-tKt1g6fw89GSB_2ZPTSHIzIR8lTSlw_KDhwBcwEkWe8abAx7c04kv6r7bBtSb1wIcvOAZTkCVeA80G6Y1qsxu2hSEiyw8KQxAKuEF3wF59TfdodAo1P-B9ZgiBH-cLmea3xOOm7NO13CvhqwWbrZ3tTQGJ6BXEXIiN3tXFheKM9viv-uOcpEL4j59Sp_jVJXSp2_m6Y-gbqLU7NoQj4TdoegQhDhttFnLCcobT1pCkPbequzeNAEU8qmD2neFlFIz8YpBAB9ldZ3XmSpRclMDOpwZ6lF24h0NwFkvcbV-s7p2fvuV9wOFfx--rxO-fIScOogjFj10qqY_d-j4nT5LP8R5CLy3-remt3u7HBqksYXyQzOYdoRhjf2Qif4cTvfl2URWWDtrRtaTDZTfMJ-e1_9BKvGEi16hk49wJVHOsL3vKUcOm7gA_Nb9WKhf4vFUViBwVWsDLgTB758DDH05M0ZeXkUvKAJKZKNpu3qeSHZcxvOA7N2tQd326Vv12unozraMm0gSbQBo6Of1iECukO5AzdPuTLm6keCxipN5wwAavZ9NeqX_htgpNXYH7E7JlVxHqINRHA-x6OH36_ghmEBxedHH29yEqqLSqjgjUS5EF6kFh4sAoREDGrzioxygDShyKBHBko0fhu4mb3n5N0iBJBjJ6Jx1paYL96Yap0odDZoIHMs3Xeq16VqYmxq5aA7OaGQNA6gaRMuRVTSL4SoOTqrBiEW9fVRvnMnuGlcjzlhfiVcuFXA92YlzPX-8vp4wnX9LXEFm0Gca0bYr1ldRVH6roM36tNz00N_xFrRFLhIWHXQJ12X-J7pmYUrTVeHdtZ9tL_LcpFm_10xf0EcBJ2c-0Vimsn84JlS17vKkmxgqKS-7SQzt4YfWCEeiyVaWAqg2XDnD42guv6ChteHquRYF3XGtJB0lU_eF_YPDUWmqkymoP9aWA-ylY14K8SrxfudIy8OeXGPVK4LSq7rEnUNFRRXa0oBYajTCA3U9YmzZJTSZO3qTzgL6iaVJbj8ojwbE3474eOSXYoUYfYYOyewPauOjw8IX3nkXw7SIrvv5w2fw-auKccCakR4XkYSFmfg2LYo_oemWNyriZ3QW7kX7fcEiz0QCaxAk2f2x4hpwr-FCirEw9nXU6h-1Wn_f2Lv3YUeENxh1M5Wa7Ip1h_XIZB5ziLv8K7JMIcMNGe1zL4vSwpSdixFvlAskF4q1HvHgfEwH3cau5QxyG8VMSjKnzcGanA5ppK3urS-lgLtIA7ucy616xWkybFShqYliSOHtCne&cid=CAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323429
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
stratosdeliveroo-regular.woff
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/stratosdeliveroo-regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f60710f6e068b35323439bfa0c7db81caf2796d43b9edc5d5cffadfcc7b80dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:23 GMT
x-content-type-options
nosniff
age
465151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43644
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:23 GMT
stratosdeliveroo-bold.woff
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/stratosdeliveroo-bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35059cdc43401fbcf730189eb26b53bbda8e45d58f16b89c2d236b6bbe6d839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:23 GMT
x-content-type-options
nosniff
age
465151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45640
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:23 GMT
stratosdeliveroo-light.woff
s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/ Frame 5AFD 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/stratosdeliveroo-light.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlib.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a14b003ffe0e950c19ee590ea71d46f6ba7faa8412ac5442f95ec9df010751d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10513231771741454336/160x600-SprintCities/adlib.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:32:23 GMT
x-content-type-options
nosniff
age
465151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43352
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 13:56:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 17:32:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5AFD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4FB5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
323406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 6849 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 4FB5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
container.html
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6038 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Tue, 26 Sep 2023 02:44:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcmads.js
www.googletagservices.com/dcm/ Frame 9814
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1168448/65593785/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d...
  • https://www.googletagservices.com/dcm/dcmads.js
28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 26 Sep 2022 03:32:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame 27EE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
385719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
ILNZgA7jgJsViljHkd-SaL_n5LYkur8uJ7mmFq3Q9JepHomwt7NHIw==
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phIns3,pingTime:-3,time:53,type:v,im:%7BpBlk:43%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phIns5,pingTime:-6,time:55,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&tpiLookup=ao:subject.com.ua*&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phInsk,pingTime:-2,time:70,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:99,mdZ:321,beA:335,beZ:337,mfA:338,cmA:340,inA:340,inZ:344,prA:344,prZ:351,si:357,poA:358,bl:379,poZ:379,cmZ:379,mfZ:379,loA:391,loZ:393,ltA:406,ltZ:406%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c,idMap:1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:21,sinceFw:48,readyFired:false%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/ Frame 0B76 		65 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f0e16f632b630cb414c87263c96a28dff9fbcfecf5132d1b90bfb5b029fa72
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
298683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22987
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 15:46:52 GMT
expires
Fri, 22 Sep 2023 15:46:52 GMT
last-modified
Thu, 10 Dec 2020 08:33:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6038 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQtxOJhIxY-nzJNeB7gPlraq4A660y8Vg1bzc_-QMwI23ARABIKqAwyJgu4aAgNAKoAHejoqFA8gBCakCTPfOg6A3sj7gAgCoAwHIA0iqBOcBT9DbaXVwxe7cCWWv-Sx4lvoSsSyr5MQEUOf4oh2aKVj4HcRPzgbETTOKI1Y0xfYOeURc_UEGvulWqjuGoRyHx8bzyghkJ8B6IjKSHOCJFPcIduXjZs65JUJ99WAzrpOdPsiN0hd15EUbcqpJvvqhNd59uOp4AwrSias0gm77EzGF8tNJrkBg86QZMy8xlye9Scnr06FpMuq85kf17PoYQTNKhyw868s46Aa119j6S3J-viWDwJUm2J3XnMvySkCH9VMnjiXQXixEzPu_PsdBpXOZTmKIENCW1foPpCAZZ1NA29EOxKF4wAS36rCwrQPgBAGSBQQIBBgBkgUECAUYBKAGLoAHivH1eqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEM5X0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgPICwHYEwrQFQGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=TQowi7OLZAo&uach_m=[UACH]&template_id=419
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 6038 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:23:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 17EB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8eD46EfM8szn58cJOoQz-loZQExBmcpi46A49jL-bZfRyvx7a-khuElalMN0k1lu5hJBfsXgGraQfOtIqS9uJN35nuqNQRpl5V4dtRmEla7yDXjJEnP0KraM9bUbIw0YGZ6DZMQ&sai=AMfl-YQ_5ffN-gQFfHGuJ7cfGIa23mtxscsAt2ArA5HBmJa_DdXmk70yVlvZIjJU2XT6WqjffxvvvkjHUjOK&sig=Cg0ArKJSzKY7vbyAEIB8EAE&id=lidar2&mcvt=1038&p=0,1,124.25,1006&mtos=0,960,1038,1038,1038&tos=0,960,78,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664160293560&rpt=575&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 9814 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1168448/65593785/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2364d187-8cc3-fdb6-254f-f711c7ac0949,c:phInrw,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-npc5t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:33c94737-3d45-11ed-955c-e25dcf8dd2de,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 14:39:18 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0B76 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0B76 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 09:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61715
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13218
x-xss-protection
0
server
cafe
etag
5545325275904357113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Sep 2022 09:36:20 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0B76 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18249157524192948938/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 02:44:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C16C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:11:29 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 6038 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 6038 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
B27487152.342161331;dc_ver=91.268;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=943508953;ord=7h1nnt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjMCJJhIxY42IFdfJgAfz3Kj4...
ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/ Frame 9814 		61 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.342161331;dc_ver=91.268;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=943508953;ord=7h1nnt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjMCJJhIxY42IFdfJgAfz3Kj4CePA4sFs3LCE2PAQnZKDkqAlEAEgqoDDImC7hoCA0AqgAfiv_ssCyAEJqQJM986DoDeyPqgDAaoE8wFP0PCr38-tZQBWE9sCIS63cKpTFnAS-7tsv8lZKh5f9UXZ4OjigWfeSBGUicd2T53h5-WYMQVRFQLfGNyBUdYDv7BxJfoPusxtHta835w9_b6BKusaJvapxOew2iBSU-k5J2AZvq7vVaMlo0bAdR4c0CgUU8VKkewxhi47NVaIB6AK3gRIVII0_PU_GtTEpH646nKlIBbDjeOGHQrbmbDO_74GLbyy_ZxLNoJh2ug6s0mmy1RV0WuizhACKnbtQddvNSFA8Swg3uJ5dL6NVzYJkWFU9eCzrHWazFjiuuzTjoQj1lMsH89x3sxecnRw9pJ1SanABPWnvdPTA-AEA5AGAaAGTYAH8M-BtAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE-X6zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ%26sig%3DAOD64_1xqDq2ltabioht7d4TiM8bM4_gxw%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AD0kIuX2jMnBhHGF7vwhbZ9PorQSwcVrVrQkMeB8MeNqZShe4oEGi-Ru57hGuC796ibsyR8yn8t980SFh-c4mGUlI3mRmaAxN8bXS21pZ6pPWJsCRwlHNIITQYOslb-EiNLmVJpGpQhimbQuPfVo-ARN_8E4oppFVab8nNG4Sj96eNv_E%26cry%3D1%26dbm_d%3DAKAmf-AIpx9Y2joZxSrU7HOJKD0_JAfOCob7j9Cdrrcodp1XcSzi_M0xQURG14pQEnG-5cZZYMVwGXbLqHY5MmcJhoi9yX93XmU2b4kM9kzy8_5X4gnBYrZAsqNmVmShp7YPkxXMxkul51EZhqU1eRksOxwPEgJE4OU0c36bruZVQZ5GPPZSLaifZCqfXNdjgudNBuOp0Jv8qKUvB6YS9epDwq89Be7dTmKSeWRrsJ_wORFziIu-zokqU2vlpCpxfFiwdbhpD3uGAdccPQngmuHDcGhVpA739xT-ZGz3Sjxj36tKdKg2JSzYP2IN5wo3aOaFZ7-re7XnJuVHabvvhM3oxKkBtWZNy7EHyXIhNJxtzdpZHkjlwhA3y2HHuzHtm3uGaoUCHoiJ4k-FVqUGvyZkCdP2o6HV1zVVPL5jSHmPD-H9L2QRxN3b-2EChG4zNOSVatlcE90NRgu0-1J16aVHuN4qHRU66VP-SMbJyICFSrdum3Bnpea_Sy98DRFnhbtD070WWlKpw176k4QqdAyES8HRyYw2JRRTTiHWnW0FVxu1AtITgzKR4mK-SrcaOyBrU0gDKz8q%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=74;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
cafe /
Resource Hash
3c7264c063544a2c256c35cad9666dd5779b00c60fc88f6e34d39f4226fc30fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28791
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D929 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:53 GMT
expires
Tue, 26 Sep 2023 02:44:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E8C1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvFYhGW_LtqIDpQXgSEjcLWh3BOrcfKNPu34mefi-g6tszYbVy48UvSXexgTggequBD1EoB85can8pkAZ-8jSIBUaXNlq3nBRQGrCXQqjOwLjVF_4uoEpWDc7DTL85PiE8u-fllg&sai=AMfl-YQgEsGd5muPzDT1f3_8qKPKuyxeI91gs3BT1y8U0fi2-A_5mCuvBMBJn4rzHu53IObJ2rxmsQdp5lbD5Qwyhk5tOUmWldWQnKxhpCqAKKY4UAsucEr4dOeFj64&sig=Cg0ArKJSzHuXkSC1z-xYEAE&cid=CAASJORo3g0waLppKuWwIld0OOQkpwFkvSpXi-CRc_kR-Pw6CCmldQ&id=lidar2&mcvt=1010&p=160,1390,760,1550&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=860533900&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664160293897&rpt=405&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 6038 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSE2-wh4acDr56EJFJjtkVqZyCQTcFDQkDFGiIHjRthaNIQYqO0vWoJUuYzBn_3eIAhv79THtaWO26D0t6clYzEK9mbrg
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6038 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:55 GMT
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phInvM,time:284,type:e,im:%7Bimprf:%7Bttecl:391,ecd:92,tsecr:41%7D,pWait:11%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:284,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B278~0%5D,as:%5B278~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:21,sis:154%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame 6038 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d1d87d753ca524b55037193fc2f4380a8df5eed992342ee3ce4c4cdf799d466

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame C16C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:55 GMT
expires
Mon, 26 Sep 2022 02:44:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:55 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5718 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDytckCGMutq8oBMAE&v=APEucNX1EksdUfwjepo0rW_xuO5yvJf3-KzbviVwy5kUl61Cah3ILKMiSDYSWP76ictaMgDzId0ocyGxZpBJEZbndArSPhgAOZKo0_EximpS8SRXeaGdnDkTme0zCEeN_lgGFoWFHN3S8mZ1yL_m41-dtQoq5QvuRO6sM0W5ceD5ZmvBZNpRXQbnzYcmj7VcKqhSuN8efneoHVVnaN_GyN3m-KfeVOC1Dg
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D929 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-j8jDj7RrH29IYoHDnGh0C40t_XW6PNUOps0fHoMvSkjppM7oDJEXMLnL6944L9sDCsaQd7AhV8zeIZwZm_Da4axLaT2EqgxbNX9W5O-W7DqNSszhiavnSIBf7LILcVoGJyE52-iWekDbUvejuIfo5zpYIw&cry=1&dbm_d=AKAmf-CmLCMJrDBPO_9zlmttrJIdl5-VyxyYkazDNFx8ScJKsz-Tc_bMqKfxcJOKe9at0UgUVS7oGXuxdlfxgp9bzkVp39ae0yZn8IrZrmEdkHMG2NmQAwBr2pza-NDqG3trS82DVKZum2xFdGgBvrZKBaEOmz3JzLGiSlv5ZZ6SwY_H01zQbbraVO50ZIMw015N_u-H5HRzWIuYl62EsCBTdV1NGttgUgF-t_atg4ufEMxvA6tS9KQUcToUTL6SwgAG5CxtGAxuH484AH9lngR7A8DLLpXgZ9LA3_nPb8nKB2mlyvnB3hrjn2gM1orMl6NPGCMDlgoVJQhpUx7RDDGTUciXjJsd5EPSTLM2AsqaksneHz2vGKXvpQTFfFa_OuE3RTRp7uz9EW_nxQt0uAqapA4XqiZsPgxQGk3BxWUYf14G1LagVyo-RzGnvVMykbKmuJJ_Ky1-kcrvzd3LELPr1odvPZNXv3y8fn3DUhQoB8HRtVxQAjgtWB991ccUFB-Jh9qtwWGf-Ep7w62ppBChMCxHkUaGr6luZ26owt9p17pyqy-9kZizYWpTuvFf9WOPnXrPqmBzFkMqfiSDShyO6ZGt9bv6nnNduGSoPRiJKVrcq_I5f59G9xRXOF3KdeCXj32b7fWtKHilfR_5yqv9IE1Z5p3C6v7sfjPQTcxDjf-j14FAol3V5jiYuxfChaC75clBa3VV9ngP0z2fKQVK_xpC6YaXQFQPuOwzyxvVTKhYMxtrJ21U5XS58xE29n7_-JmUR-5-eN3Dbr_nvedE0hoI9qNrUzcronX4paEEk3JnikdbU2kvgPpyeMHFXncfWSWcoxN4bBNEpA68iakxbpIoBrrLntaRhegz2rUhwu_LqpR1tGG1lo_urrwDcgpTNgUVeEeaTLTiJDBNDccBWcs5a6ImVyracRXsZ9HA9AiBA29LNyMUhOPQG_LVdKTXhaweSeyI7tEHH4t6lKMvfZ-HElsUJbkvxz3ENg6uWsOZ5Ypg5m6Yy6mNQxsQMe3wGReeNVytksPZQyv-d3KPMSE2jJXUFxtOLZQEhXeBbACZyke95brcTZfsobVZMUl_ubI8PtaajmET1pxNxO3N4CbRBRvVUhkmm9vEkqSzTSJLNsSoZ2zJ2vMpPImQjigNrv4eb-UzaEP9S77FaDQCaFQKAx-AzPGzJk4JWfqxUwRo5R194mE7R0QmNdHHGhuNSUqShu1C5Em2zIb2U31N5Yy9bprS_sxtBHYSI_nz8v_L4q2V40C9-oTXd-N5_6NLHY83zHP4qWyIZWJYNvbuly8D-EiCXRxzXkCMyCIyYqivR94zV4N-mn7Ux3LxwsXqfz316Bk7q8KIZQpe33SuDe57GUC3JGd_ksc6WpDRyHYWnsNLFXqzYcYVxYjqF7MySIF6BA-jT8fpdyzYQ1JzBu2XOAHLu54FYpmIEnZl4GGFZg79VlTRwEkYTTinE4Asr2C2dW0Uq4rH-v1EvfKYrb28_w_XHUhAk1m70jx4jM20yYH32XbVH9NkgU-sz3SfmL5BI_j427c2mU0N7Sho2EBhijC94I63GTINbM01dNAO4nOmggF0s-CI_Qr4PUnYj48En5NSiekPnWFfct4-ByndvBvpjEzwjrU6vC0BRJlZe1lku5swYnzof978B-z8Q8U8CNBf4gfWohDUyeB9bzU67BpoDPz2AlDBH3XTn7OpgAGK-P_QwKLkJUwRZJjxib6Z_jKBh0La0vLT4I1fJHtUbhaUwyIK6Azo9o7vlJg6D16Y0Gvi4_aW-AOq6Z0vZidIHdKaJH2ATPu_6lApK8YG3GaBDs0Pth4Fd5lhbPLUh0c-HbyR-RQHbFAbzB63aYZkGrxdYSlgDR58dV3ijft-jvO2aVLWaPhy1xZbaGj84mO7b2dwHD_m3JlQKRf0AyvQMphNlMWoKqrA2wzMlNn-RWYAgeJrbgOu8CNCu4g7eWmZ7L-tE3amyLM8pmpzmGUu-e4QNTrj2hqcOQokBzB0XQdFnGKML5tHifVra67D1fCD84nNcW-9MQ68JptKQP7Ek4il8-6VvHab4IWEPvpqnyWj5tu7wcOwC7gORlgkGdtbRtM0ockNLJhx9ZbEqx_LrdeM1m7OLBxVV4S_bTl8qM8mQQVt57aAf52GR595Ar-oaIdXVPdDvz-iAEFdY_wuBsQyQ4uJilrWpOJdByRh0nMXBpskdqcbIwbzjZmZUrh8jLyDX42kLXOKTf6fNuOpnY1qT47puiMXd1jrO3WOpFOgxfZ1q_CAZoCWtjExeKC5TlWc3HV-i_vo7RB-zLJUjWcd1I4Vle38HibY6YBk9im6V7qLFXMF10BXpN4qnQDJyegK__f8iZIdbSI6puxJ37q3NOyNEKH_Lvx5N_8vFZSa5-BR0pAzclm67QxdS3GMXHCQck7vNWOqxjlCUZ4rYmpExQxfwHLTRt7z-WUjqMJfi2QZj3zhvCqgsT9TWZ3GjR-qAr-gdt0D9VdaeuQYmKpzNj-jOafJa4i7Xcpm6g0CHdfKyEK_CEgE2niuHOKjz7Ra7nnjRPOKHLMhwERf_vhO1Ism_zsjABc--1RjzetmewwQ3pCY1tJVMWBO8K1VmVAjsfYNSC9_qWYrzSL02_pRGy4vUf6g3zK7MZPJKhvOcqZCkK6Rrzn3HU7vI64igfgUfpqvAQdJwUvf6RGLKB_qiconwy6wrVnVSePaVoNnTJaxocF8grVyMCNfTXXCDVu1egM7EKLdf5-OyTJkjLIC8QLa_Ui4o9CgTrQZCpsqitZbO1nOiG3FEZkyOFkkms2hqWJzqRbhM4_R1EYXGOlgt8qw9sdGYxmkp1kIpJb8HyV2Aca80NKrXgNACH5FTbjXPECyuFdZgYE00ldELsZEHo7yh85_bhLBJ65-uHEQ6A1FoNZgp9A6E5wLJrZIwLnJg0vu-7v5Iu6FDNV30LelSG2GEOCTK-i_z-2VDoUGND9Snefhbw5QDY5d1OTX9dhM4iYTiLJhaWUKRgusSn10LhPWnv40Dh-WvPl7jLOm3zYYz10rXXq6KS3_YiZQBAz-1L8Vaf7wL7Kq5E6pXgV-ojFINOA43CI44UmvSkTzhs5PjUSRSwx3EwlnttdYR9eo5y6GWlk8s3hr2FUi-B9m16y4_j6cQG6eQ2hXfJXb-I5XEqZkb5D8wL7EouE_6VdlxkWuPPiBerdpoBvgzxG23spsJVbXhsQJJRmRYqFAFaEKkNec5jNdtYigjiTgpGYRpLznJK2sK2q9Kpd2ct14r7AtaCjILqwt0-rhM9-3QTzkFRW97yKOCPdxTuflGwtdkl6Ww2jpUk6iy-fEhGlr5x9rebnMBLxJ_fPYDlux0R2ki-MPR_XY4yCw8GwsqHaqJAaMfLK3XjxaRyhaYJqGKk0fVca5bRcz53b4OoScNb3jOAeEvLYkV9cdLoAsZC4DCB2r1TH93RK1TjTDmzEg0cyernpYcehBk0UIKr9r1HFuE74B9lcdCHDorSUcTdWY0AXn9OfaWBKhI3ZfYFE9D6tQ3aS4-B4fL13w--8oxaUWtk7wSM2cn_5lP1Qrhvg0YByOWbHzSGhZlB-7syN_IN92NlJchiz4g5NGeyCel0eBSYZstKHFPhkaw2FjyQX5tIV_qkEgnNExesMeYDCwjEfrGcYXKiW4k1FHZ88z7zqRLRMlAQGhMoVmDoyF1xZVayeLspCZzHRRyxx6C2Htpm59dQjf8jQsfDD_yzzPYldri9-idm36fzM9O038ZDvC1fpQ1W6sg84Z-2XzGzfcVcgN9s4WLJ4lyBnPOKCphRJQpvR6Tm10b-I0tIjL-7k&cid=CAASJORoitxwKUw9G8n8HfoeekGtMzoo3DWIwUGvXjkbNnW5nBEtZQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8396af7f48aa3f379c0cc8a8d4be7d51b241ce8da95f4ac206a2d9352cfee2a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D929 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CX-amv3KLgtXuZWI6SGDLtFTzhQGVPc1o9Xorz-iemxjZQazlWrtl8pYAyKTPpivgDQwGeqQ47_3kunBO5o2fNUZz_RyL01CqHX3bgNnbrlEtFrq0
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1042432/63102463/dcm/ Frame D929 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1042432/63102463/dcm/dcmads.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.148.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-148-45.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
578e441011943c0eaeb8d74f0b6e0c374e0974368786658e62c617db38fa6320

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame D929 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=28493320&campId=17567456057&pubId=1&chanId=42757578513&placementId=424335051&dealId=549644393847897261&adsafe_par&impId=ABAjH0gXVNnmPmMPjTIEjQygfNAO&bidurl=https://subject.com.ua/
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.71.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
17dfed468736a55371fbebb6e1927ee32d3e9051bdebdf8dd81c7deb8afa4233

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D929 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 00:57:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D929 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 01:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 01:48:11 GMT
l
www.google.com/ads/measurement/ Frame D929 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXut2pJ-O71382PWn7IuMo4afkV9VPZ9YUisN1ijt2YV1RuH9RJy4_jRH69B59-XDBGlOlYVQQu44Tfn6mnZ_95Pep4Q
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D929 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:55 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 0B76 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FB5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFZRpJhIxY5WlM_qV7_UP-PmrgAgAAAAAOAHgBAI&bg=!AAOlA0fNAAYIxsuQKMY7ACkAdvg8WjSt4kcI8LX0KWh6IQYDW15Q-89wWQCasd06AEfaNE5FKj2gRQIAAAC4UgAAAAJoAQcKADEHRTLkUIBuevjcXq1j7Vel5MZkCUTGqhNkFOUYxJVBhY1oeE2ttFbcPZSBAOJ4JOsxmQLwiFzqIdhrZ_6Nmu5eWTliXX6_21wferu7QBuVNWFCIOg4hSzwa99yZYcaBPe-Zy6uYLXSduZksnRlQq8Wkzp2xo_NSCWNh8iC32rRUjjx8Xfa4ZLaGYYckd_q0qFa-RVwniFunrNtvtUQLFbHkgZcNAOQIyQurQNGCIwXnvPkDLKQ8wbsh6Phrx8LrpP_INxFNDC6n4tZHRTctj-oT-WQ-kcen5dwuL45jYwVrDPpHQiPBMg3koHdQPJ9b-agy0Rs3c6JLrcTh7y1CdI7Z-YBuZc1H1blko9dMRGWzbfY8hUZ7AC6749Ep4QqcCaOwZONBwdYEBa-OfIk199dECIgQuvr3DrkHXpronvthsXljRkO_bsYsQcfQEugru_J6I9abaG2jgXR2MmQqL7a9PmzjKYDQBG3DhFjgnrfgCYtVqfwbX6OOKF6GL1GpXgoF2FnTOwEIUlJotPZx7BGzKgyIuNaQu3KiovvWNep5v7Lca8p5-kyEhWnGivLJ4Jt4mFRoELvW5Bl-7x6xkwCiswhAdYZh-x639gllZbZ8AVYp3IuyCM7qB_jBLQZghCvXDgdr2Qj-ZXkeThbFNUsP4dsHZwhf2J0WJ7aZs8vQmzXilY68sKfDYUDQWi4OsbHQ2E89T-9z4C1RvFgYfH5v9b_-uuZ5P4yQmsmP4TGjstXlnJsFlTJFygDlX7viZJziix08AinAQc5_32677ZaU3qaKNvtMqgu0_IJWC2-QgdNsxUbJ0skTvNEy2pnLwWqdUh4A0xbZV7bLCmo0yJU1_lUGXPMQ59jENBIRTYSXfFAhKF9VxrstH8Ququ0mK1a6sWoD7K_BLd9c-C5m0lGclIEeD96Sb4aSlXMfI0epqbwvV_7rCPJbvfpE9nais5d5r7EU6Rs51Pa5hA5no0DOZCdnVwaUWwAN4UQLb8WHJZ3Fg0Ncow2K7Ep_i9HH_a6vrqv5eRVYC95x2KzEIk0AJauz8fCwWo8bdeSBFMyj7t9zXw
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5718
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDytckCGMutq8oBMAE&v=APEucNX1EksdUfwjepo0rW_xuO5yvJf3-KzbviVwy5kUl61Cah3ILKMiSDYSWP76ictaMgDzId0ocyGxZpBJEZbndArSPhgAOZKo0_EximpS8SRXeaGdnDkTme0zCEeN_lgGFoWFHN3S8mZ1yL_m41-dtQoq5QvuRO6sM0W5ceD5ZmvBZNpRXQbnzYcmj7VcKqhSuN8efneoHVVnaN_GyN3m-KfeVOC1Dg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9177dfb4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGqKMbIVSHwcrLfiAXHmQvN3eEq3We8J0%2FKvJLj5%2Fq2wm0s93gA8VtIDlaiFViWfnV6DHeANp1SRFDjxZItg9A8iZ1eAHBNNY%2FpFEGVnJpkhZwZm592bhSILICchOiz6VlYEjWwjaSDOHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5718
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDytckCGMutq8oBMAE&v=APEucNX1EksdUfwjepo0rW_xuO5yvJf3-KzbviVwy5kUl61Cah3ILKMiSDYSWP76ictaMgDzId0ocyGxZpBJEZbndArSPhgAOZKo0_EximpS8SRXeaGdnDkTme0zCEeN_lgGFoWFHN3S8mZ1yL_m41-dtQoq5QvuRO6sM0W5ceD5ZmvBZNpRXQbnzYcmj7VcKqhSuN8efneoHVVnaN_GyN3m-KfeVOC1Dg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9182e474072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNJfIbgPwcwUQ7XW%2B2BLQRLl813TIwxqFGkR5MD6P5VNGYvheV%2BXdOgFUTbb7GA8D0Y%2FpAMQ6wa1728H0GwcLFoKxFtuYpwvthNZxESQ9ZAnRffETSzTKA5alQq4el8GQ1sLdVvg2YEjNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsJPlS_VIvluRHP3OQ3b2Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5718
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJFsG76ByZPNX36RriDJAmc&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJFsG76ByZPNX36RriDJAmc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDytckCGMutq8oBMAE&v=APEucNX1EksdUfwjepo0rW_xuO5yvJf3-KzbviVwy5kUl61Cah3ILKMiSDYSWP76ictaMgDzId0ocyGxZpBJEZbndArSPhgAOZKo0_EximpS8SRXeaGdnDkTme0zCEeN_lgGFoWFHN3S8mZ1yL_m41-dtQoq5QvuRO6sM0W5ceD5ZmvBZNpRXQbnzYcmj7VcKqhSuN8efneoHVVnaN_GyN3m-KfeVOC1Dg
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:55 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6771ae4d-c683-4a89-8e96-e731aef0d45d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJFsG76ByZPNX36RriDJAmc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5718
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDytckCGMutq8oBMAE&v=APEucNX1EksdUfwjepo0rW_xuO5yvJf3-KzbviVwy5kUl61Cah3ILKMiSDYSWP76ictaMgDzId0ocyGxZpBJEZbndArSPhgAOZKo0_EximpS8SRXeaGdnDkTme0zCEeN_lgGFoWFHN3S8mZ1yL_m41-dtQoq5QvuRO6sM0W5ceD5ZmvBZNpRXQbnzYcmj7VcKqhSuN8efneoHVVnaN_GyN3m-KfeVOC1Dg
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:55 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c19697e3-3b73-4f85-9973-80baf84f6460
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNzYwMDc0NTg5MjQ2MzgyNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame D929 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-j8jDj7RrH29IYoHDnGh0C40t_XW6PNUOps0fHoMvSkjppM7oDJEXMLnL6944L9sDCsaQd7AhV8zeIZwZm_Da4axLaT2EqgxbNX9W5O-W7DqNSszhiavnSIBf7LILcVoGJyE52-iWekDbUvejuIfo5zpYIw&cry=1&dbm_d=AKAmf-CmLCMJrDBPO_9zlmttrJIdl5-VyxyYkazDNFx8ScJKsz-Tc_bMqKfxcJOKe9at0UgUVS7oGXuxdlfxgp9bzkVp39ae0yZn8IrZrmEdkHMG2NmQAwBr2pza-NDqG3trS82DVKZum2xFdGgBvrZKBaEOmz3JzLGiSlv5ZZ6SwY_H01zQbbraVO50ZIMw015N_u-H5HRzWIuYl62EsCBTdV1NGttgUgF-t_atg4ufEMxvA6tS9KQUcToUTL6SwgAG5CxtGAxuH484AH9lngR7A8DLLpXgZ9LA3_nPb8nKB2mlyvnB3hrjn2gM1orMl6NPGCMDlgoVJQhpUx7RDDGTUciXjJsd5EPSTLM2AsqaksneHz2vGKXvpQTFfFa_OuE3RTRp7uz9EW_nxQt0uAqapA4XqiZsPgxQGk3BxWUYf14G1LagVyo-RzGnvVMykbKmuJJ_Ky1-kcrvzd3LELPr1odvPZNXv3y8fn3DUhQoB8HRtVxQAjgtWB991ccUFB-Jh9qtwWGf-Ep7w62ppBChMCxHkUaGr6luZ26owt9p17pyqy-9kZizYWpTuvFf9WOPnXrPqmBzFkMqfiSDShyO6ZGt9bv6nnNduGSoPRiJKVrcq_I5f59G9xRXOF3KdeCXj32b7fWtKHilfR_5yqv9IE1Z5p3C6v7sfjPQTcxDjf-j14FAol3V5jiYuxfChaC75clBa3VV9ngP0z2fKQVK_xpC6YaXQFQPuOwzyxvVTKhYMxtrJ21U5XS58xE29n7_-JmUR-5-eN3Dbr_nvedE0hoI9qNrUzcronX4paEEk3JnikdbU2kvgPpyeMHFXncfWSWcoxN4bBNEpA68iakxbpIoBrrLntaRhegz2rUhwu_LqpR1tGG1lo_urrwDcgpTNgUVeEeaTLTiJDBNDccBWcs5a6ImVyracRXsZ9HA9AiBA29LNyMUhOPQG_LVdKTXhaweSeyI7tEHH4t6lKMvfZ-HElsUJbkvxz3ENg6uWsOZ5Ypg5m6Yy6mNQxsQMe3wGReeNVytksPZQyv-d3KPMSE2jJXUFxtOLZQEhXeBbACZyke95brcTZfsobVZMUl_ubI8PtaajmET1pxNxO3N4CbRBRvVUhkmm9vEkqSzTSJLNsSoZ2zJ2vMpPImQjigNrv4eb-UzaEP9S77FaDQCaFQKAx-AzPGzJk4JWfqxUwRo5R194mE7R0QmNdHHGhuNSUqShu1C5Em2zIb2U31N5Yy9bprS_sxtBHYSI_nz8v_L4q2V40C9-oTXd-N5_6NLHY83zHP4qWyIZWJYNvbuly8D-EiCXRxzXkCMyCIyYqivR94zV4N-mn7Ux3LxwsXqfz316Bk7q8KIZQpe33SuDe57GUC3JGd_ksc6WpDRyHYWnsNLFXqzYcYVxYjqF7MySIF6BA-jT8fpdyzYQ1JzBu2XOAHLu54FYpmIEnZl4GGFZg79VlTRwEkYTTinE4Asr2C2dW0Uq4rH-v1EvfKYrb28_w_XHUhAk1m70jx4jM20yYH32XbVH9NkgU-sz3SfmL5BI_j427c2mU0N7Sho2EBhijC94I63GTINbM01dNAO4nOmggF0s-CI_Qr4PUnYj48En5NSiekPnWFfct4-ByndvBvpjEzwjrU6vC0BRJlZe1lku5swYnzof978B-z8Q8U8CNBf4gfWohDUyeB9bzU67BpoDPz2AlDBH3XTn7OpgAGK-P_QwKLkJUwRZJjxib6Z_jKBh0La0vLT4I1fJHtUbhaUwyIK6Azo9o7vlJg6D16Y0Gvi4_aW-AOq6Z0vZidIHdKaJH2ATPu_6lApK8YG3GaBDs0Pth4Fd5lhbPLUh0c-HbyR-RQHbFAbzB63aYZkGrxdYSlgDR58dV3ijft-jvO2aVLWaPhy1xZbaGj84mO7b2dwHD_m3JlQKRf0AyvQMphNlMWoKqrA2wzMlNn-RWYAgeJrbgOu8CNCu4g7eWmZ7L-tE3amyLM8pmpzmGUu-e4QNTrj2hqcOQokBzB0XQdFnGKML5tHifVra67D1fCD84nNcW-9MQ68JptKQP7Ek4il8-6VvHab4IWEPvpqnyWj5tu7wcOwC7gORlgkGdtbRtM0ockNLJhx9ZbEqx_LrdeM1m7OLBxVV4S_bTl8qM8mQQVt57aAf52GR595Ar-oaIdXVPdDvz-iAEFdY_wuBsQyQ4uJilrWpOJdByRh0nMXBpskdqcbIwbzjZmZUrh8jLyDX42kLXOKTf6fNuOpnY1qT47puiMXd1jrO3WOpFOgxfZ1q_CAZoCWtjExeKC5TlWc3HV-i_vo7RB-zLJUjWcd1I4Vle38HibY6YBk9im6V7qLFXMF10BXpN4qnQDJyegK__f8iZIdbSI6puxJ37q3NOyNEKH_Lvx5N_8vFZSa5-BR0pAzclm67QxdS3GMXHCQck7vNWOqxjlCUZ4rYmpExQxfwHLTRt7z-WUjqMJfi2QZj3zhvCqgsT9TWZ3GjR-qAr-gdt0D9VdaeuQYmKpzNj-jOafJa4i7Xcpm6g0CHdfKyEK_CEgE2niuHOKjz7Ra7nnjRPOKHLMhwERf_vhO1Ism_zsjABc--1RjzetmewwQ3pCY1tJVMWBO8K1VmVAjsfYNSC9_qWYrzSL02_pRGy4vUf6g3zK7MZPJKhvOcqZCkK6Rrzn3HU7vI64igfgUfpqvAQdJwUvf6RGLKB_qiconwy6wrVnVSePaVoNnTJaxocF8grVyMCNfTXXCDVu1egM7EKLdf5-OyTJkjLIC8QLa_Ui4o9CgTrQZCpsqitZbO1nOiG3FEZkyOFkkms2hqWJzqRbhM4_R1EYXGOlgt8qw9sdGYxmkp1kIpJb8HyV2Aca80NKrXgNACH5FTbjXPECyuFdZgYE00ldELsZEHo7yh85_bhLBJ65-uHEQ6A1FoNZgp9A6E5wLJrZIwLnJg0vu-7v5Iu6FDNV30LelSG2GEOCTK-i_z-2VDoUGND9Snefhbw5QDY5d1OTX9dhM4iYTiLJhaWUKRgusSn10LhPWnv40Dh-WvPl7jLOm3zYYz10rXXq6KS3_YiZQBAz-1L8Vaf7wL7Kq5E6pXgV-ojFINOA43CI44UmvSkTzhs5PjUSRSwx3EwlnttdYR9eo5y6GWlk8s3hr2FUi-B9m16y4_j6cQG6eQ2hXfJXb-I5XEqZkb5D8wL7EouE_6VdlxkWuPPiBerdpoBvgzxG23spsJVbXhsQJJRmRYqFAFaEKkNec5jNdtYigjiTgpGYRpLznJK2sK2q9Kpd2ct14r7AtaCjILqwt0-rhM9-3QTzkFRW97yKOCPdxTuflGwtdkl6Ww2jpUk6iy-fEhGlr5x9rebnMBLxJ_fPYDlux0R2ki-MPR_XY4yCw8GwsqHaqJAaMfLK3XjxaRyhaYJqGKk0fVca5bRcz53b4OoScNb3jOAeEvLYkV9cdLoAsZC4DCB2r1TH93RK1TjTDmzEg0cyernpYcehBk0UIKr9r1HFuE74B9lcdCHDorSUcTdWY0AXn9OfaWBKhI3ZfYFE9D6tQ3aS4-B4fL13w--8oxaUWtk7wSM2cn_5lP1Qrhvg0YByOWbHzSGhZlB-7syN_IN92NlJchiz4g5NGeyCel0eBSYZstKHFPhkaw2FjyQX5tIV_qkEgnNExesMeYDCwjEfrGcYXKiW4k1FHZ88z7zqRLRMlAQGhMoVmDoyF1xZVayeLspCZzHRRyxx6C2Htpm59dQjf8jQsfDD_yzzPYldri9-idm36fzM9O038ZDvC1fpQ1W6sg84Z-2XzGzfcVcgN9s4WLJ4lyBnPOKCphRJQpvR6Tm10b-I0tIjL-7k&cid=CAASJORoitxwKUw9G8n8HfoeekGtMzoo3DWIwUGvXjkbNnW5nBEtZQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:37:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D929 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-j8jDj7RrH29IYoHDnGh0C40t_XW6PNUOps0fHoMvSkjppM7oDJEXMLnL6944L9sDCsaQd7AhV8zeIZwZm_Da4axLaT2EqgxbNX9W5O-W7DqNSszhiavnSIBf7LILcVoGJyE52-iWekDbUvejuIfo5zpYIw&cry=1&dbm_d=AKAmf-CmLCMJrDBPO_9zlmttrJIdl5-VyxyYkazDNFx8ScJKsz-Tc_bMqKfxcJOKe9at0UgUVS7oGXuxdlfxgp9bzkVp39ae0yZn8IrZrmEdkHMG2NmQAwBr2pza-NDqG3trS82DVKZum2xFdGgBvrZKBaEOmz3JzLGiSlv5ZZ6SwY_H01zQbbraVO50ZIMw015N_u-H5HRzWIuYl62EsCBTdV1NGttgUgF-t_atg4ufEMxvA6tS9KQUcToUTL6SwgAG5CxtGAxuH484AH9lngR7A8DLLpXgZ9LA3_nPb8nKB2mlyvnB3hrjn2gM1orMl6NPGCMDlgoVJQhpUx7RDDGTUciXjJsd5EPSTLM2AsqaksneHz2vGKXvpQTFfFa_OuE3RTRp7uz9EW_nxQt0uAqapA4XqiZsPgxQGk3BxWUYf14G1LagVyo-RzGnvVMykbKmuJJ_Ky1-kcrvzd3LELPr1odvPZNXv3y8fn3DUhQoB8HRtVxQAjgtWB991ccUFB-Jh9qtwWGf-Ep7w62ppBChMCxHkUaGr6luZ26owt9p17pyqy-9kZizYWpTuvFf9WOPnXrPqmBzFkMqfiSDShyO6ZGt9bv6nnNduGSoPRiJKVrcq_I5f59G9xRXOF3KdeCXj32b7fWtKHilfR_5yqv9IE1Z5p3C6v7sfjPQTcxDjf-j14FAol3V5jiYuxfChaC75clBa3VV9ngP0z2fKQVK_xpC6YaXQFQPuOwzyxvVTKhYMxtrJ21U5XS58xE29n7_-JmUR-5-eN3Dbr_nvedE0hoI9qNrUzcronX4paEEk3JnikdbU2kvgPpyeMHFXncfWSWcoxN4bBNEpA68iakxbpIoBrrLntaRhegz2rUhwu_LqpR1tGG1lo_urrwDcgpTNgUVeEeaTLTiJDBNDccBWcs5a6ImVyracRXsZ9HA9AiBA29LNyMUhOPQG_LVdKTXhaweSeyI7tEHH4t6lKMvfZ-HElsUJbkvxz3ENg6uWsOZ5Ypg5m6Yy6mNQxsQMe3wGReeNVytksPZQyv-d3KPMSE2jJXUFxtOLZQEhXeBbACZyke95brcTZfsobVZMUl_ubI8PtaajmET1pxNxO3N4CbRBRvVUhkmm9vEkqSzTSJLNsSoZ2zJ2vMpPImQjigNrv4eb-UzaEP9S77FaDQCaFQKAx-AzPGzJk4JWfqxUwRo5R194mE7R0QmNdHHGhuNSUqShu1C5Em2zIb2U31N5Yy9bprS_sxtBHYSI_nz8v_L4q2V40C9-oTXd-N5_6NLHY83zHP4qWyIZWJYNvbuly8D-EiCXRxzXkCMyCIyYqivR94zV4N-mn7Ux3LxwsXqfz316Bk7q8KIZQpe33SuDe57GUC3JGd_ksc6WpDRyHYWnsNLFXqzYcYVxYjqF7MySIF6BA-jT8fpdyzYQ1JzBu2XOAHLu54FYpmIEnZl4GGFZg79VlTRwEkYTTinE4Asr2C2dW0Uq4rH-v1EvfKYrb28_w_XHUhAk1m70jx4jM20yYH32XbVH9NkgU-sz3SfmL5BI_j427c2mU0N7Sho2EBhijC94I63GTINbM01dNAO4nOmggF0s-CI_Qr4PUnYj48En5NSiekPnWFfct4-ByndvBvpjEzwjrU6vC0BRJlZe1lku5swYnzof978B-z8Q8U8CNBf4gfWohDUyeB9bzU67BpoDPz2AlDBH3XTn7OpgAGK-P_QwKLkJUwRZJjxib6Z_jKBh0La0vLT4I1fJHtUbhaUwyIK6Azo9o7vlJg6D16Y0Gvi4_aW-AOq6Z0vZidIHdKaJH2ATPu_6lApK8YG3GaBDs0Pth4Fd5lhbPLUh0c-HbyR-RQHbFAbzB63aYZkGrxdYSlgDR58dV3ijft-jvO2aVLWaPhy1xZbaGj84mO7b2dwHD_m3JlQKRf0AyvQMphNlMWoKqrA2wzMlNn-RWYAgeJrbgOu8CNCu4g7eWmZ7L-tE3amyLM8pmpzmGUu-e4QNTrj2hqcOQokBzB0XQdFnGKML5tHifVra67D1fCD84nNcW-9MQ68JptKQP7Ek4il8-6VvHab4IWEPvpqnyWj5tu7wcOwC7gORlgkGdtbRtM0ockNLJhx9ZbEqx_LrdeM1m7OLBxVV4S_bTl8qM8mQQVt57aAf52GR595Ar-oaIdXVPdDvz-iAEFdY_wuBsQyQ4uJilrWpOJdByRh0nMXBpskdqcbIwbzjZmZUrh8jLyDX42kLXOKTf6fNuOpnY1qT47puiMXd1jrO3WOpFOgxfZ1q_CAZoCWtjExeKC5TlWc3HV-i_vo7RB-zLJUjWcd1I4Vle38HibY6YBk9im6V7qLFXMF10BXpN4qnQDJyegK__f8iZIdbSI6puxJ37q3NOyNEKH_Lvx5N_8vFZSa5-BR0pAzclm67QxdS3GMXHCQck7vNWOqxjlCUZ4rYmpExQxfwHLTRt7z-WUjqMJfi2QZj3zhvCqgsT9TWZ3GjR-qAr-gdt0D9VdaeuQYmKpzNj-jOafJa4i7Xcpm6g0CHdfKyEK_CEgE2niuHOKjz7Ra7nnjRPOKHLMhwERf_vhO1Ism_zsjABc--1RjzetmewwQ3pCY1tJVMWBO8K1VmVAjsfYNSC9_qWYrzSL02_pRGy4vUf6g3zK7MZPJKhvOcqZCkK6Rrzn3HU7vI64igfgUfpqvAQdJwUvf6RGLKB_qiconwy6wrVnVSePaVoNnTJaxocF8grVyMCNfTXXCDVu1egM7EKLdf5-OyTJkjLIC8QLa_Ui4o9CgTrQZCpsqitZbO1nOiG3FEZkyOFkkms2hqWJzqRbhM4_R1EYXGOlgt8qw9sdGYxmkp1kIpJb8HyV2Aca80NKrXgNACH5FTbjXPECyuFdZgYE00ldELsZEHo7yh85_bhLBJ65-uHEQ6A1FoNZgp9A6E5wLJrZIwLnJg0vu-7v5Iu6FDNV30LelSG2GEOCTK-i_z-2VDoUGND9Snefhbw5QDY5d1OTX9dhM4iYTiLJhaWUKRgusSn10LhPWnv40Dh-WvPl7jLOm3zYYz10rXXq6KS3_YiZQBAz-1L8Vaf7wL7Kq5E6pXgV-ojFINOA43CI44UmvSkTzhs5PjUSRSwx3EwlnttdYR9eo5y6GWlk8s3hr2FUi-B9m16y4_j6cQG6eQ2hXfJXb-I5XEqZkb5D8wL7EouE_6VdlxkWuPPiBerdpoBvgzxG23spsJVbXhsQJJRmRYqFAFaEKkNec5jNdtYigjiTgpGYRpLznJK2sK2q9Kpd2ct14r7AtaCjILqwt0-rhM9-3QTzkFRW97yKOCPdxTuflGwtdkl6Ww2jpUk6iy-fEhGlr5x9rebnMBLxJ_fPYDlux0R2ki-MPR_XY4yCw8GwsqHaqJAaMfLK3XjxaRyhaYJqGKk0fVca5bRcz53b4OoScNb3jOAeEvLYkV9cdLoAsZC4DCB2r1TH93RK1TjTDmzEg0cyernpYcehBk0UIKr9r1HFuE74B9lcdCHDorSUcTdWY0AXn9OfaWBKhI3ZfYFE9D6tQ3aS4-B4fL13w--8oxaUWtk7wSM2cn_5lP1Qrhvg0YByOWbHzSGhZlB-7syN_IN92NlJchiz4g5NGeyCel0eBSYZstKHFPhkaw2FjyQX5tIV_qkEgnNExesMeYDCwjEfrGcYXKiW4k1FHZ88z7zqRLRMlAQGhMoVmDoyF1xZVayeLspCZzHRRyxx6C2Htpm59dQjf8jQsfDD_yzzPYldri9-idm36fzM9O038ZDvC1fpQ1W6sg84Z-2XzGzfcVcgN9s4WLJ4lyBnPOKCphRJQpvR6Tm10b-I0tIjL-7k&cid=CAASJORoitxwKUw9G8n8HfoeekGtMzoo3DWIwUGvXjkbNnW5nBEtZQ&rfl=1%2Chttps%253A%252F%252Fsubject.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f82e361d5c2f3b8fed3e54d1aebd1669c6d311356164679e3d6966dc552e6e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 26 Sep 2022 02:44:55 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=timing&_s=3&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=subject&utt=824&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=2059603884
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78022
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=timing&_s=4&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=subject&utt=839&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=272805005
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78022
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1648810245326246d905ebe51.png
h5.vdo.ai/media_file/subject/source/uploads/thumbnails/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/thumbnails/1648810245326246d905ebe51.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
2b14b918bb31b4672d92b0287ed00c91c74e5d315759da2deb6028b0b4e9f909

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:55 GMT
Last-Modified
Fri, 01 Apr 2022 10:50:46 GMT
Server
nginx/1.16.1
ETag
"6246d906-e1af"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57775
Expires
Tue, 26 Sep 2023 02:44:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 9814 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.342161331;dc_ver=91.268;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=943508953;ord=7h1nnt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjMCJJhIxY42IFdfJgAfz3Kj4CePA4sFs3LCE2PAQnZKDkqAlEAEgqoDDImC7hoCA0AqgAfiv_ssCyAEJqQJM986DoDeyPqgDAaoE8wFP0PCr38-tZQBWE9sCIS63cKpTFnAS-7tsv8lZKh5f9UXZ4OjigWfeSBGUicd2T53h5-WYMQVRFQLfGNyBUdYDv7BxJfoPusxtHta835w9_b6BKusaJvapxOew2iBSU-k5J2AZvq7vVaMlo0bAdR4c0CgUU8VKkewxhi47NVaIB6AK3gRIVII0_PU_GtTEpH646nKlIBbDjeOGHQrbmbDO_74GLbyy_ZxLNoJh2ug6s0mmy1RV0WuizhACKnbtQddvNSFA8Swg3uJ5dL6NVzYJkWFU9eCzrHWazFjiuuzTjoQj1lMsH89x3sxecnRw9pJ1SanABPWnvdPTA-AEA5AGAaAGTYAH8M-BtAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE-X6zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ%26sig%3DAOD64_1xqDq2ltabioht7d4TiM8bM4_gxw%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AD0kIuX2jMnBhHGF7vwhbZ9PorQSwcVrVrQkMeB8MeNqZShe4oEGi-Ru57hGuC796ibsyR8yn8t980SFh-c4mGUlI3mRmaAxN8bXS21pZ6pPWJsCRwlHNIITQYOslb-EiNLmVJpGpQhimbQuPfVo-ARN_8E4oppFVab8nNG4Sj96eNv_E%26cry%3D1%26dbm_d%3DAKAmf-AIpx9Y2joZxSrU7HOJKD0_JAfOCob7j9Cdrrcodp1XcSzi_M0xQURG14pQEnG-5cZZYMVwGXbLqHY5MmcJhoi9yX93XmU2b4kM9kzy8_5X4gnBYrZAsqNmVmShp7YPkxXMxkul51EZhqU1eRksOxwPEgJE4OU0c36bruZVQZ5GPPZSLaifZCqfXNdjgudNBuOp0Jv8qKUvB6YS9epDwq89Be7dTmKSeWRrsJ_wORFziIu-zokqU2vlpCpxfFiwdbhpD3uGAdccPQngmuHDcGhVpA739xT-ZGz3Sjxj36tKdKg2JSzYP2IN5wo3aOaFZ7-re7XnJuVHabvvhM3oxKkBtWZNy7EHyXIhNJxtzdpZHkjlwhA3y2HHuzHtm3uGaoUCHoiJ4k-FVqUGvyZkCdP2o6HV1zVVPL5jSHmPD-H9L2QRxN3b-2EChG4zNOSVatlcE90NRgu0-1J16aVHuN4qHRU66VP-SMbJyICFSrdum3Bnpea_Sy98DRFnhbtD070WWlKpw176k4QqdAyES8HRyYw2JRRTTiHWnW0FVxu1AtITgzKR4mK-SrcaOyBrU0gDKz8q%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:41:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9814 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6TZcegl0PJIDUX7k3CVZmHo_63yiIeuSRDU-mdFEV_4kVCGnn7nKTu8_upLMAujF4jpHV5TOx5LACyjiA7qwzJsVuU2I28ZWPKXLMW56BRuW7CtopAwK9P-NqS8Bp4XIx5sBENnoI6XJgCHq56MwCA5yC44XqxQ&sig=Cg0ArKJSzOjudRM_FDmiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220921.74728&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.342161331;dc_ver=91.268;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=943508953;ord=7h1nnt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjMCJJhIxY42IFdfJgAfz3Kj4CePA4sFs3LCE2PAQnZKDkqAlEAEgqoDDImC7hoCA0AqgAfiv_ssCyAEJqQJM986DoDeyPqgDAaoE8wFP0PCr38-tZQBWE9sCIS63cKpTFnAS-7tsv8lZKh5f9UXZ4OjigWfeSBGUicd2T53h5-WYMQVRFQLfGNyBUdYDv7BxJfoPusxtHta835w9_b6BKusaJvapxOew2iBSU-k5J2AZvq7vVaMlo0bAdR4c0CgUU8VKkewxhi47NVaIB6AK3gRIVII0_PU_GtTEpH646nKlIBbDjeOGHQrbmbDO_74GLbyy_ZxLNoJh2ug6s0mmy1RV0WuizhACKnbtQddvNSFA8Swg3uJ5dL6NVzYJkWFU9eCzrHWazFjiuuzTjoQj1lMsH89x3sxecnRw9pJ1SanABPWnvdPTA-AEA5AGAaAGTYAH8M-BtAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE-X6zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ%26sig%3DAOD64_1xqDq2ltabioht7d4TiM8bM4_gxw%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AD0kIuX2jMnBhHGF7vwhbZ9PorQSwcVrVrQkMeB8MeNqZShe4oEGi-Ru57hGuC796ibsyR8yn8t980SFh-c4mGUlI3mRmaAxN8bXS21pZ6pPWJsCRwlHNIITQYOslb-EiNLmVJpGpQhimbQuPfVo-ARN_8E4oppFVab8nNG4Sj96eNv_E%26cry%3D1%26dbm_d%3DAKAmf-AIpx9Y2joZxSrU7HOJKD0_JAfOCob7j9Cdrrcodp1XcSzi_M0xQURG14pQEnG-5cZZYMVwGXbLqHY5MmcJhoi9yX93XmU2b4kM9kzy8_5X4gnBYrZAsqNmVmShp7YPkxXMxkul51EZhqU1eRksOxwPEgJE4OU0c36bruZVQZ5GPPZSLaifZCqfXNdjgudNBuOp0Jv8qKUvB6YS9epDwq89Be7dTmKSeWRrsJ_wORFziIu-zokqU2vlpCpxfFiwdbhpD3uGAdccPQngmuHDcGhVpA739xT-ZGz3Sjxj36tKdKg2JSzYP2IN5wo3aOaFZ7-re7XnJuVHabvvhM3oxKkBtWZNy7EHyXIhNJxtzdpZHkjlwhA3y2HHuzHtm3uGaoUCHoiJ4k-FVqUGvyZkCdP2o6HV1zVVPL5jSHmPD-H9L2QRxN3b-2EChG4zNOSVatlcE90NRgu0-1J16aVHuN4qHRU66VP-SMbJyICFSrdum3Bnpea_Sy98DRFnhbtD070WWlKpw176k4QqdAyES8HRyYw2JRRTTiHWnW0FVxu1AtITgzKR4mK-SrcaOyBrU0gDKz8q%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9814 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.342161331;dc_ver=91.268;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=943508953;ord=7h1nnt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjMCJJhIxY42IFdfJgAfz3Kj4CePA4sFs3LCE2PAQnZKDkqAlEAEgqoDDImC7hoCA0AqgAfiv_ssCyAEJqQJM986DoDeyPqgDAaoE8wFP0PCr38-tZQBWE9sCIS63cKpTFnAS-7tsv8lZKh5f9UXZ4OjigWfeSBGUicd2T53h5-WYMQVRFQLfGNyBUdYDv7BxJfoPusxtHta835w9_b6BKusaJvapxOew2iBSU-k5J2AZvq7vVaMlo0bAdR4c0CgUU8VKkewxhi47NVaIB6AK3gRIVII0_PU_GtTEpH646nKlIBbDjeOGHQrbmbDO_74GLbyy_ZxLNoJh2ug6s0mmy1RV0WuizhACKnbtQddvNSFA8Swg3uJ5dL6NVzYJkWFU9eCzrHWazFjiuuzTjoQj1lMsH89x3sxecnRw9pJ1SanABPWnvdPTA-AEA5AGAaAGTYAH8M-BtAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE-X6zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ%26sig%3DAOD64_1xqDq2ltabioht7d4TiM8bM4_gxw%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AD0kIuX2jMnBhHGF7vwhbZ9PorQSwcVrVrQkMeB8MeNqZShe4oEGi-Ru57hGuC796ibsyR8yn8t980SFh-c4mGUlI3mRmaAxN8bXS21pZ6pPWJsCRwlHNIITQYOslb-EiNLmVJpGpQhimbQuPfVo-ARN_8E4oppFVab8nNG4Sj96eNv_E%26cry%3D1%26dbm_d%3DAKAmf-AIpx9Y2joZxSrU7HOJKD0_JAfOCob7j9Cdrrcodp1XcSzi_M0xQURG14pQEnG-5cZZYMVwGXbLqHY5MmcJhoi9yX93XmU2b4kM9kzy8_5X4gnBYrZAsqNmVmShp7YPkxXMxkul51EZhqU1eRksOxwPEgJE4OU0c36bruZVQZ5GPPZSLaifZCqfXNdjgudNBuOp0Jv8qKUvB6YS9epDwq89Be7dTmKSeWRrsJ_wORFziIu-zokqU2vlpCpxfFiwdbhpD3uGAdccPQngmuHDcGhVpA739xT-ZGz3Sjxj36tKdKg2JSzYP2IN5wo3aOaFZ7-re7XnJuVHabvvhM3oxKkBtWZNy7EHyXIhNJxtzdpZHkjlwhA3y2HHuzHtm3uGaoUCHoiJ4k-FVqUGvyZkCdP2o6HV1zVVPL5jSHmPD-H9L2QRxN3b-2EChG4zNOSVatlcE90NRgu0-1J16aVHuN4qHRU66VP-SMbJyICFSrdum3Bnpea_Sy98DRFnhbtD070WWlKpw176k4QqdAyES8HRyYw2JRRTTiHWnW0FVxu1AtITgzKR4mK-SrcaOyBrU0gDKz8q%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
3878730095635798391
s0.2mdn.net/simgad/ Frame 9814 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3878730095635798391
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c015e85cfaf9d0c119dd2db63cccde6b5d90a512e8b346e35b688ef06ba99138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 23:03:03 GMT
x-content-type-options
nosniff
age
445312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118381
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 16:52:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 23:03:03 GMT
/
d.agkn.com/pixel/2387/ Frame 9814 		43 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=M32&bw=4&che=1457829378&col=27487152,1108532,342161331,534718827,175628359
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.16.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-16-92.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:55 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
1648810245326246d905ebe51.m3u8
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.m3u8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Mon, 26 Sep 2022 02:44:55 GMT
Expires
Tue, 26 Sep 2023 02:44:55 GMT
Server
nginx/1.16.1
1648810245326246d905ebe51.m3u8
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		48 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.m3u8
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
46b759ba547d4f5f9b135f5f1e004b31472f962d3cc3293641e00a7e06c61dcc

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:55 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.16.1
ETag
W/"62e47d37-bf80"
Transfer-Encoding
chunked
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Tue, 26 Sep 2023 02:44:55 GMT
main.19.8.352.js
static.adsafeprotected.com/ Frame 9814 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=15011189519&pubId=1&chanId=42757578513&placementId=442204584&dealId=549644393847897261&adsafe_par&impId=ABAjH0gBz1JF1V01RkLttkL1Ajiq&bidurl=https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
813198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
vJvoWakzYX3cC-IkugzNCuOA8izUhZKXE66Q__WJ1NIdyp4zcuFWOQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 08AD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
55420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 11:21:15 GMT
etag
48472445140208031
expires
Mon, 26 Sep 2022 11:21:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9814 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab77f5ce1a91a962330ef7acfbe2ef27e0c8ef292ced6d8cac24cc90723ee92e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
c8666a99-cb61-4ebc-ac3b-c2f7fb1781cf
https://subject.com.ua/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subject.com.ua/c8666a99-cb61-4ebc-ac3b-c2f7fb1781cf
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
5417
Content-Type
application/javascript
82657295-5a25-4883-8e37-73a531fe397b
https://subject.com.ua/ 		75 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subject.com.ua/82657295-5a25-4883-8e37-73a531fe397b
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
f2a8a7c8-4e97-4c86-b830-7bf62c43274a
https://subject.com.ua/ 		75 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subject.com.ua/f2a8a7c8-4e97-4c86-b830-7bf62c43274a
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
bridge3.532.0_en.html
imasdk.googleapis.com/js/core/ Frame 6451 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
491243
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211807
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Sep 2022 10:17:32 GMT
expires
Wed, 20 Sep 2023 10:17:32 GMT
last-modified
Tue, 20 Sep 2022 10:12:09 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Sep 2022 02:44:55 GMT
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:55 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logo.svg
a.vdo.ai/core/assets/img/ 		1 KB
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vdo.ai/core/assets/img/logo.svg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 varnish-v4
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7508a919eb387318-LHR
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Mar 2020 08:12:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDPciusVvnKu0Q%2FwzqwSH7MbLt4w%2BPyDnLku1WOX7S4oUWxI9Bhjb8KH9MTTHrIfBz7vlICMkR4zTqQJMpyzTI7k7p92JkTRBKR%2FVzY9SsMnCjtLfcAUEeMATA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
52669812 48096967
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
image/svg+xml
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
dcmads.js
www.googletagservices.com/dcm/ Frame D929
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1042432/63102463/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d...
  • https://www.googletagservices.com/dcm/dcmads.js
28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 26 Sep 2022 03:32:22 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame BCCB 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
385719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
iPa36UphVYZ5zW7oMMWFrYSA_GD3LaJyK8TnFX5T5nYtONMaFVpNtQ==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5F9B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
323407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9814 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6TZcegl0PJIDUX7k3CVZmHo_63yiIeuSRDU-mdFEV_4kVCGnn7nKTu8_upLMAujF4jpHV5TOx5LACyjiA7qwzJsVuU2I28ZWPKXLMW56BRuW7CtopAwK9P-NqS8Bp4XIx5sBENnoI6XJgCHq56MwCA5yC44XqxQ&sig=Cg0ArKJSzOjudRM_FDmiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=192&vt=11&dtpt=192&dett=2&cstd=0&cisv=r20220921.74728&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.342161331;dc_ver=91.268;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=943508953;ord=7h1nnt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjMCJJhIxY42IFdfJgAfz3Kj4CePA4sFs3LCE2PAQnZKDkqAlEAEgqoDDImC7hoCA0AqgAfiv_ssCyAEJqQJM986DoDeyPqgDAaoE8wFP0PCr38-tZQBWE9sCIS63cKpTFnAS-7tsv8lZKh5f9UXZ4OjigWfeSBGUicd2T53h5-WYMQVRFQLfGNyBUdYDv7BxJfoPusxtHta835w9_b6BKusaJvapxOew2iBSU-k5J2AZvq7vVaMlo0bAdR4c0CgUU8VKkewxhi47NVaIB6AK3gRIVII0_PU_GtTEpH646nKlIBbDjeOGHQrbmbDO_74GLbyy_ZxLNoJh2ug6s0mmy1RV0WuizhACKnbtQddvNSFA8Swg3uJ5dL6NVzYJkWFU9eCzrHWazFjiuuzTjoQj1lMsH89x3sxecnRw9pJ1SanABPWnvdPTA-AEA5AGAaAGTYAH8M-BtAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE-X6zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ%26sig%3DAOD64_1xqDq2ltabioht7d4TiM8bM4_gxw%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-AD0kIuX2jMnBhHGF7vwhbZ9PorQSwcVrVrQkMeB8MeNqZShe4oEGi-Ru57hGuC796ibsyR8yn8t980SFh-c4mGUlI3mRmaAxN8bXS21pZ6pPWJsCRwlHNIITQYOslb-EiNLmVJpGpQhimbQuPfVo-ARN_8E4oppFVab8nNG4Sj96eNv_E%26cry%3D1%26dbm_d%3DAKAmf-AIpx9Y2joZxSrU7HOJKD0_JAfOCob7j9Cdrrcodp1XcSzi_M0xQURG14pQEnG-5cZZYMVwGXbLqHY5MmcJhoi9yX93XmU2b4kM9kzy8_5X4gnBYrZAsqNmVmShp7YPkxXMxkul51EZhqU1eRksOxwPEgJE4OU0c36bruZVQZ5GPPZSLaifZCqfXNdjgudNBuOp0Jv8qKUvB6YS9epDwq89Be7dTmKSeWRrsJ_wORFziIu-zokqU2vlpCpxfFiwdbhpD3uGAdccPQngmuHDcGhVpA739xT-ZGz3Sjxj36tKdKg2JSzYP2IN5wo3aOaFZ7-re7XnJuVHabvvhM3oxKkBtWZNy7EHyXIhNJxtzdpZHkjlwhA3y2HHuzHtm3uGaoUCHoiJ4k-FVqUGvyZkCdP2o6HV1zVVPL5jSHmPD-H9L2QRxN3b-2EChG4zNOSVatlcE90NRgu0-1J16aVHuN4qHRU66VP-SMbJyICFSrdum3Bnpea_Sy98DRFnhbtD070WWlKpw176k4QqdAyES8HRyYw2JRRTTiHWnW0FVxu1AtITgzKR4mK-SrcaOyBrU0gDKz8q%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=74;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phInD8,pingTime:-10,time:740,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664160295782%7C%7C1accf2e463b8ffb830a9dd4c14bf6556%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ce23bb8522ee2902d1ad8f6cbaecd041e%7C%7C228a5d0fb9f8e22fcd113fba1f3d3f7f%7C%7C24f6d95f1a0451c6afd6d4caa086fed9%7C%7C6f433aac70258e5340231f8088ae7f21%7C%7Cc664c862cc0dd78321a7123b325974c7%7C%7C1663701684%7D
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1042432&asId=1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1&tv=%7Bc:phInDj,pingTime:-3,time:94,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:94,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B88~0%5D,as:%5B88~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tivl0nV+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d*,rmeas:1,rend:0,renddet:svg.us,siq:28%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1042432&asId=1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1&tv=%7Bc:phInDk,pingTime:-6,time:95,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:95,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tivl0nV+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d*,rmeas:1,rend:0,renddet:svg.us,siq:28%7D&tpiLookup=ao:subject.com.ua*&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:55 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:55 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:55 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:55 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=5&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=396602364
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78022
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=6&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=608444485
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78022
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=7&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=3697183
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78022
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1042432&asId=1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1&tv=%7Bc:phInDT,pingTime:-2,time:130,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:68,mdZ:120,beA:415,beZ:416,mfA:418,cmA:419,inA:419,inZ:423,prA:423,prZ:436,si:443,poA:444,poZ:462,cmZ:462,mfZ:462,loA:510,loZ:512,ltA:545,ltZ:545%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:130,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b.1168448-65593785%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:28,sinceFw:101,readyFired:false%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
www-widgetapi.js
www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/abfb84fe/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 00:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
7867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53539
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:22:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 26 Sep 2023 00:33:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6DDF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
323407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 08AD
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA9iUBOZ3OueIUnj2EGM1EM&google_cver=1&google_push=AZmPxg_hfR1YywBb3fvtXbl7BdP6Ni24p9S38fP2b5-iIyIxKk_xwmSLP1...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_hfR1YywBb3fvtXbl7BdP6Ni24p9S38fP2b5-iIyIxKk_xwmSLP1ENbHpYftRQpZDigjgx5LPOkV86hdmSZDYoPIO5vs4&google_hm=xKv-Y-Rl1-cWw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_hfR1YywBb3fvtXbl7BdP6Ni24p9S38fP2b5-iIyIxKk_xwmSLP1ENbHpYftRQpZDigjgx5LPOkV86hdmSZDYoPIO5vs4&google_hm=xKv-Y-Rl1-cWwOCa-RGFqA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_hfR1YywBb3fvtXbl7BdP6Ni24p9S38fP2b5-iIyIxKk_xwmSLP1ENbHpYftRQpZDigjgx5LPOkV86hdmSZDYoPIO5vs4&google_hm=xKv-Y-Rl1-cWwOCa-RGFqA
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 08AD
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI9kXznQJ-88CydFI_rvg9c&google_cver=1&google_push=AZmPxg9oP9O9g3cS3cYNHfvxN69miklzRC--mTJtSmwTiR1yqGYXuujcsyLe_7MW_T1kkrIfPYz3qoMndA1bbIt7...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9oP9O9g3cS3cYNHfvxN69miklzRC--mTJtSmwTiR1yqGYXuujcsyLe_7MW_T1kkrIfPYz3qoMndA1bbIt7H1rR2rGqJQI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9oP9O9g3cS3cYNHfvxN69miklzRC--mTJtSmwTiR1yqGYXuujcsyLe_7MW_T1kkrIfPYz3qoMndA1bbIt7H1rR2rGqJQI
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 26 Sep 2022 02:44:55 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9oP9O9g3cS3cYNHfvxN69miklzRC--mTJtSmwTiR1yqGYXuujcsyLe_7MW_T1kkrIfPYz3qoMndA1bbIt7H1rR2rGqJQI
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
m6dChoVgnznncnPIInYYxct_z03htArROntgclRy3s_zWrrfIRbXIg==
pixel
cm.g.doubleclick.net/ Frame 08AD
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJlL3nhUgmAswWi07-Ip1g8&google_cver=1&google_push=AZmPxg9wrMEtSOwjaawDCwZk6IEaFzVzku6cV1q5TMntMDKryJ6c0cmgcUqt7Q-DGYCzgK-sDe8S-dWVTz3uk5BxQ50t53sikKA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9wrMEtSOwjaawDCwZk6IEaFzVzku6cV1q5TMntMDKryJ6c0cmgcUqt7Q-DGYCzgK-sDe8S-dWVTz3uk5BxQ50t53sikKA&google_hm=ZzNjNGI1YWZlNDI4NDU3M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9wrMEtSOwjaawDCwZk6IEaFzVzku6cV1q5TMntMDKryJ6c0cmgcUqt7Q-DGYCzgK-sDe8S-dWVTz3uk5BxQ50t53sikKA&google_hm=ZzNjNGI1YWZlNDI4NDU3MDBmYjc=
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg9wrMEtSOwjaawDCwZk6IEaFzVzku6cV1q5TMntMDKryJ6c0cmgcUqt7Q-DGYCzgK-sDe8S-dWVTz3uk5BxQ50t53sikKA&google_hm=ZzNjNGI1YWZlNDI4NDU3MDBmYjc=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 08AD
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGJU9whwnkatVSpFJFoMODc&google_cver=1&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1R0WBn01...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGJU9whwnkatVSpFJFoMODc&google_cver=1&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1R...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ETNtlB6_SCuJF-uilPLE4g&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ETNtlB6_SCuJF-uilPLE4g&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1R0WBn01Mqe-Q
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ETNtlB6_SCuJF-uilPLE4g&google_push=AZmPxg9r2IjCTnCqxchyc1OkbabtRDXkF9eYkboBNlt4hpHYtUQxqU2vdE1re7ctAGuHUO5wdMgFXtjr8agKbg1R0WBn01Mqe-Q
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 08AD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGBtWLkkO9uoaM1wYXnhVIE&google_cver=1&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHccMA4KoZBhsH3B6waWWH3DmbxhPi4BPet7-RA4HgITmMc
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHccMA4KoZBhsH3B6waWWH3DmbxhPi4BPet7-RA4HgITmMc...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwMjQwMTgxMTU0NTYzNTg3NjA1MQ%3D%3D&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHcc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwMjQwMTgxMTU0NTYzNTg3NjA1MQ%3D%3D&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHccMA4KoZBhsH3B6waWWH3DmbxhPi4BPet7-RA4HgITmMc
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjEwMjQwMTgxMTU0NTYzNTg3NjA1MQ%3D%3D&google_push=AZmPxg-Jr2ed2LGqvWm3c5ObojF4qkwxrZootAe9nccuY-c0phxjcHccMA4KoZBhsH3B6waWWH3DmbxhPi4BPet7-RA4HgITmMc
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 08AD
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEK0S7VUZ01RGMP4NrnuRWsk&google_cver=1&google_push=AZmPxg-LVUsdqs640FDWKU0yZCuXplbOTCmWN2oCIn6ztaJRRnRB5HRDzgNATI_x-qTeEUJQbWLxu...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-LVUsdqs640FDWKU0yZCuXplbOTCmWN2oCIn6ztaJRRnRB5HRDzgNATI_x-qTeEUJQbWLxuCIP0I7bA5GZrItU_4gYiAs&google_hm=WXpFU0tNQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-LVUsdqs640FDWKU0yZCuXplbOTCmWN2oCIn6ztaJRRnRB5HRDzgNATI_x-qTeEUJQbWLxuCIP0I7bA5GZrItU_4gYiAs&google_hm=WXpFU0tNQ284WFVBQUZhM2dEb0FBQUFB
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
49
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEK0S7VUZ01RGMP4NrnuRWsk&google_push=AZmPxg-LVUsdqs640FDWKU0yZCuXplbOTCmWN2oCIn6ztaJRRnRB5HRDzgNATI_x-qTeEUJQbWLxuCIP0I7bA5GZrItU_4gYiAs&proto=google_ebda","cluster_id":49,"gdpr":true,"ipv4":"0.0.0.0","key":"YzESKMCo8XUAAFa3gDoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad198"}
X-SO-Ads-Time
5
X-SO-Key
YzESKMCo8XUAAFa3gDoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad198
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-LVUsdqs640FDWKU0yZCuXplbOTCmWN2oCIn6ztaJRRnRB5HRDzgNATI_x-qTeEUJQbWLxuCIP0I7bA5GZrItU_4gYiAs&google_hm=WXpFU0tNQ284WFVBQUZhM2dEb0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad198.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng17.dc4p.scaleout.jp
X-SO-IP
217.138.196.105
spacer.gif
an.yandex.ru/resource/ Frame 08AD
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEIcJyGfi-4TBBmVGiQ-rNyA?ext-param=AZmPxg8aeFKoKeFyZFgQKVgJPxZKqbGSisQ5BewSPYlEH8jQ22JLk7XonJRcaSXIgHud7xhbc0toRLMujk-FKbTzZgD_uSL1uQRO&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEIcJyGfi-4TBBmVGiQ-rNyA?redir-setuniq=1&ext-param=AZmPxg8aeFKoKeFyZFgQKVgJPxZKqbGSisQ5BewSPYlEH8jQ22JLk7XonJRcaSXIgHud7xhbc0toRLMujk-FKbTzZgD_uSL1uQRO&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEIcJyGfi-4TBBmVGiQ-rNyA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Mon, 11 Sep 2023 02:44:56 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 08AD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqXGZDBryM_-_xZD-Id51cLJ9o0HQoiBerHrMNe-QZ8CUOeTIh0ihKO60WoGvO8n6uR0vMFA
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
impl_v91.js
www.googletagservices.com/dcm/ Frame D929 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1042432/63102463/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1,c:phInCe,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-kr5b8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tivl0nV+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:340e180c-3d45-11ed-a8ae-8a38821fc46c,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 14:39:18 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 5F9B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1345 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
385719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
e8gLOo3ALB9v_VkcuC1kKSaQjGpNtAjMPYkTWZbzW_LDAmrMO6NN2g==
mon
pixel.adsafeprotected.com/ Frame 9814 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=22571342&campId=15011189519&pubId=1&chanId=42757578513&placementId=442204584&dealId=549644393847897261&adsafe_par&impId=ABAjH0gBz1JF1V01RkLttkL1Ajiq&bidurl=https://subject.com.ua/&adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:54a67bd6-fc36-6154-efea-9d5bd2e5101e,c:phInF1,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-zx4d5,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:244,mot:0,app:0,maw:0,fm:tivl0mW+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:262,oid:33c799a7-3d45-11ed-a3ea-1e8b19963c65,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.71.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInF2,pingTime:-8,time:262,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:262,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B16~1%5D,as:%5B16~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0mW+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phInFq,pingTime:-2.1,time:882,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:882,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B876~0%5D,as:%5B876~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:473,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c%7C1d.1042432-63102463,idMap:1b.54a67bd6-fc36-6154-efea-9d5bd2e5101e.32_10933%7C1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:21,sinceFw:48,readyFired:false,sis:154%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInFu,pingTime:-3,time:290,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:290,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0mW+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInFv,pingTime:-6,time:291,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:291,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0mW+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262%7D&tpiLookup=ao:subject.com.ua*&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
B27792836.335993461;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1033480529;ord=0af03q;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKCu_JhIxY6TxO9fkx_APnb6...
ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/ Frame D929 		61 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27792836.335993461;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1033480529;ord=0af03q;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKCu_JhIxY6TxO9fkx_APnb6l2AjEiMzCbMXg7caXEJ2Sg5KgJRABIKqAwyJgu4aAgNAKoAGHzYHMAsgBCakCTPfOg6A3sj6oAwGqBOwBT9DEFMsHWm-HIelGajIhb_ENdyacleWmMWreApGBJxpFswQb6vnDpy7-z_ljNSuJar1F8iljmQPE6i1Lo-I4jN_T4bfLlpvavwRfSDketCtaVXBs2yL808Y9GVJ-ed0ADd1B0eEmnW4DlRnK2bM_FiAIPpzfuYaeormL-dVay0hrxYAEQrfqwVPzocQ5Fmo20-6qA0IkCnVe4X396e2P1LyYP2fvC3PSm-M2I19IVUrGCn-Hl_iwqZgmCA5-ksnqhczv8watF5Me4l698XchDN-kPz4cY6EGKs7KyaAxIRCh2Izajdxh10jKIcXABKDh_vCDBOAEA5AGAaAGTYAH4bL-swGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE9T4zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoitxwKUw9G8n8HfoeekGtMzoo3DWIwUGvXjkbNnW5nBEtZQ%26sig%3DAOD64_1aujGKYBE4OFDIqEd8wqBsnJAl5Q%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-DGNMtfrn8VTAtPWEV3GcPnQ00-aet2UPjZRAF7woywBB4nUy4O4kyhaKkzV_eTitYr_KH2UZfUOtq1Pha74miHgjiNVY__AAqWEgmZDV_aAYk6vEstyHKCLYl0vGiEBYNpC8eyoTbU5heQK8es3GsE5P9QYA%26cry%3D1%26dbm_d%3DAKAmf-AuXKKgaLn4JtHJm6jC_1ZC0aBhVy4jBK_2zVb4tuuyZ_rzITZpatZDxSiinTirwaOPS8z8u2WVwmEdzMbSDGs4Yk1excgEvS9t1FwQLJQ3upxLMcnMkKHiIFFuCMzF_ej2pMnF3gFF45iipM-2DDopdY2U9_d4OrWVVDPv5fNWDrwXUcFLFxFb4iZC0n7-0Tu0lqhDerPUW97L0mlk9Fi4sdg1DHGFF_2OoTXMg3RPttTqBIWJilix6PWnjJSvspx5o3nNpcAwM9AoYOIJwCMW6B3iWzhORik1VGKFvz-1G8qEP4mndtpcXBQiRBnlbPRxA3flUi4UJGV7dxY2UTTxx99VQKJ5a8hzygCj-CUsxpDSf_c9LOfQYWuVGJ1siQ1zJjb2G2Sk3i4Q_fsvXOiCPvaWfJ1BsZaZiypTCiifpVEN_wR3ro5NJRglar7tFuZw28Gyg3db7wpsvM3S8T_QU3iy438C2svdXU6CBur1HNlBpymMEUTpqG-9D5A4Zt2eatPuc0vTlXC8kA_ReKEFZg9b3RTybNJhvyWNjtcn-n0DaO6wLLYB-na_juSIdmJMjwZk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=116;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
cafe /
Resource Hash
7320df01c7939579b15e4ae5fb81df348ce2af48255ebfbbb40204d97ce3fc8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28972
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInGn,pingTime:-2,time:345,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:932,beZ:932,mfA:1176,cmA:1177,inA:1177,inZ:1180,prA:1180,prZ:1188,si:1193,poA:1195,poZ:1208,cmZ:1208,mfZ:1208,loA:1222,loZ:1225,ltA:1276,ltZ:1277,mdA:933,mdZ:1013%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:970.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:289%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:345,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b.2364d187-8cc3-fdb6-254f-f711c7ac0949.54_1168448-65593785%7C1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:262,sinceFw:82,readyFired:true%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInGz,pingTime:0,time:357,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:289%7D,%7Bpiv:100,vs:i,r:,t:356%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:356,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:i,t:356,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b.2364d187-8cc3-fdb6-254f-f711c7ac0949.54_1168448-65593785%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 6DDF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Sep 2023 23:29:00 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		443 KB
444 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
f2985ff1aa24da33cb50632ba0daed5632c90cd761f6a53c56084988c4ae4cc2

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-453831

Response headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 0-453831/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
453832
Expires
Tue, 26 Sep 2023 02:44:56 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Mon, 26 Sep 2022 02:44:56 GMT
Expires
Tue, 26 Sep 2023 02:44:56 GMT
Server
nginx/1.16.1
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1042432&asId=1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1&tv=%7Bc:phInHN,time:372,type:e,im:%7Bimprf:%7Bttecl:514,ecd:115,tsecr:23%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:372,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B366~0%5D,as:%5B366~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:233,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b.1168448-65593785%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d*,rmeas:1,rend:0,renddet:svg.us,siq:28,sis:168%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phInJo,time:1128,type:e,im:%7Bpci:%7Btdr:1017%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1122~0%5D,as:%5B1122~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:209,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c%7C1d.1042432-63102463,idMap:1b.54a67bd6-fc36-6154-efea-9d5bd2e5101e.32_10933%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:21,sis:154%7D&br=c
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame D929 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27792836.335993461;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1033480529;ord=0af03q;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKCu_JhIxY6TxO9fkx_APnb6l2AjEiMzCbMXg7caXEJ2Sg5KgJRABIKqAwyJgu4aAgNAKoAGHzYHMAsgBCakCTPfOg6A3sj6oAwGqBOwBT9DEFMsHWm-HIelGajIhb_ENdyacleWmMWreApGBJxpFswQb6vnDpy7-z_ljNSuJar1F8iljmQPE6i1Lo-I4jN_T4bfLlpvavwRfSDketCtaVXBs2yL808Y9GVJ-ed0ADd1B0eEmnW4DlRnK2bM_FiAIPpzfuYaeormL-dVay0hrxYAEQrfqwVPzocQ5Fmo20-6qA0IkCnVe4X396e2P1LyYP2fvC3PSm-M2I19IVUrGCn-Hl_iwqZgmCA5-ksnqhczv8watF5Me4l698XchDN-kPz4cY6EGKs7KyaAxIRCh2Izajdxh10jKIcXABKDh_vCDBOAEA5AGAaAGTYAH4bL-swGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE9T4zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoitxwKUw9G8n8HfoeekGtMzoo3DWIwUGvXjkbNnW5nBEtZQ%26sig%3DAOD64_1aujGKYBE4OFDIqEd8wqBsnJAl5Q%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-DGNMtfrn8VTAtPWEV3GcPnQ00-aet2UPjZRAF7woywBB4nUy4O4kyhaKkzV_eTitYr_KH2UZfUOtq1Pha74miHgjiNVY__AAqWEgmZDV_aAYk6vEstyHKCLYl0vGiEBYNpC8eyoTbU5heQK8es3GsE5P9QYA%26cry%3D1%26dbm_d%3DAKAmf-AuXKKgaLn4JtHJm6jC_1ZC0aBhVy4jBK_2zVb4tuuyZ_rzITZpatZDxSiinTirwaOPS8z8u2WVwmEdzMbSDGs4Yk1excgEvS9t1FwQLJQ3upxLMcnMkKHiIFFuCMzF_ej2pMnF3gFF45iipM-2DDopdY2U9_d4OrWVVDPv5fNWDrwXUcFLFxFb4iZC0n7-0Tu0lqhDerPUW97L0mlk9Fi4sdg1DHGFF_2OoTXMg3RPttTqBIWJilix6PWnjJSvspx5o3nNpcAwM9AoYOIJwCMW6B3iWzhORik1VGKFvz-1G8qEP4mndtpcXBQiRBnlbPRxA3flUi4UJGV7dxY2UTTxx99VQKJ5a8hzygCj-CUsxpDSf_c9LOfQYWuVGJ1siQ1zJjb2G2Sk3i4Q_fsvXOiCPvaWfJ1BsZaZiypTCiifpVEN_wR3ro5NJRglar7tFuZw28Gyg3db7wpsvM3S8T_QU3iy438C2svdXU6CBur1HNlBpymMEUTpqG-9D5A4Zt2eatPuc0vTlXC8kA_ReKEFZg9b3RTybNJhvyWNjtcn-n0DaO6wLLYB-na_juSIdmJMjwZk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=116;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 02:41:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D929 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJwmktiM14txuu_1pWk-5_kDlzko_l6TK1zHW1o_Kw-_nDT8V_lPTQN7FpLxlzQidsBvyIyGMx3YakNG4SMl0-sLfAipk_dnWLGq4TiSvwRCw6jkUvS2fi07F9qFGIlkpTfEWbWWQrzcLwi4UDo7h4wjOZULHN3A&sig=Cg0ArKJSzFpbIDF7D5B8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220921.63961&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27792836.335993461;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1033480529;ord=0af03q;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKCu_JhIxY6TxO9fkx_APnb6l2AjEiMzCbMXg7caXEJ2Sg5KgJRABIKqAwyJgu4aAgNAKoAGHzYHMAsgBCakCTPfOg6A3sj6oAwGqBOwBT9DEFMsHWm-HIelGajIhb_ENdyacleWmMWreApGBJxpFswQb6vnDpy7-z_ljNSuJar1F8iljmQPE6i1Lo-I4jN_T4bfLlpvavwRfSDketCtaVXBs2yL808Y9GVJ-ed0ADd1B0eEmnW4DlRnK2bM_FiAIPpzfuYaeormL-dVay0hrxYAEQrfqwVPzocQ5Fmo20-6qA0IkCnVe4X396e2P1LyYP2fvC3PSm-M2I19IVUrGCn-Hl_iwqZgmCA5-ksnqhczv8watF5Me4l698XchDN-kPz4cY6EGKs7KyaAxIRCh2Izajdxh10jKIcXABKDh_vCDBOAEA5AGAaAGTYAH4bL-swGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE9T4zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoitxwKUw9G8n8HfoeekGtMzoo3DWIwUGvXjkbNnW5nBEtZQ%26sig%3DAOD64_1aujGKYBE4OFDIqEd8wqBsnJAl5Q%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-DGNMtfrn8VTAtPWEV3GcPnQ00-aet2UPjZRAF7woywBB4nUy4O4kyhaKkzV_eTitYr_KH2UZfUOtq1Pha74miHgjiNVY__AAqWEgmZDV_aAYk6vEstyHKCLYl0vGiEBYNpC8eyoTbU5heQK8es3GsE5P9QYA%26cry%3D1%26dbm_d%3DAKAmf-AuXKKgaLn4JtHJm6jC_1ZC0aBhVy4jBK_2zVb4tuuyZ_rzITZpatZDxSiinTirwaOPS8z8u2WVwmEdzMbSDGs4Yk1excgEvS9t1FwQLJQ3upxLMcnMkKHiIFFuCMzF_ej2pMnF3gFF45iipM-2DDopdY2U9_d4OrWVVDPv5fNWDrwXUcFLFxFb4iZC0n7-0Tu0lqhDerPUW97L0mlk9Fi4sdg1DHGFF_2OoTXMg3RPttTqBIWJilix6PWnjJSvspx5o3nNpcAwM9AoYOIJwCMW6B3iWzhORik1VGKFvz-1G8qEP4mndtpcXBQiRBnlbPRxA3flUi4UJGV7dxY2UTTxx99VQKJ5a8hzygCj-CUsxpDSf_c9LOfQYWuVGJ1siQ1zJjb2G2Sk3i4Q_fsvXOiCPvaWfJ1BsZaZiypTCiifpVEN_wR3ro5NJRglar7tFuZw28Gyg3db7wpsvM3S8T_QU3iy438C2svdXU6CBur1HNlBpymMEUTpqG-9D5A4Zt2eatPuc0vTlXC8kA_ReKEFZg9b3RTybNJhvyWNjtcn-n0DaO6wLLYB-na_juSIdmJMjwZk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=116;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
16180827396287188542
s0.2mdn.net/simgad/ Frame D929 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16180827396287188542
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a18efe833c7307d4ce95bced1c543804647c6da9e256aa5a701d23ab55219d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 08:36:45 GMT
x-content-type-options
nosniff
age
497291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69777
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 08:36:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Sep 2023 08:36:45 GMT
/
d.agkn.com/pixel/2387/ Frame D929 		43 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=M32&bw=4&che=683320235&col=27792836,1108532,335993461,531629848,173399683
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.16.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-16-92.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:55 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 18FB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
323408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.19.8.352.js
static.adsafeprotected.com/ Frame D929 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=28493320&campId=17567456057&pubId=1&chanId=42757578513&placementId=424335051&dealId=549644393847897261&adsafe_par&impId=ABAjH0gXVNnmPmMPjTIEjQygfNAO&bidurl=https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
813199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
06gwmpfNRueYu5F9ZRV3Q3TS0IuRSkGfBmx7ekr5wBRYC389MX_WcQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7065 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
55421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 11:21:15 GMT
etag
48472445140208031
expires
Mon, 26 Sep 2022 11:21:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D929 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cf9c179d74910b3a4c14d4d05b1d05d0b95a79e7cd35e4c402a871d96daa148

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame D929 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJwmktiM14txuu_1pWk-5_kDlzko_l6TK1zHW1o_Kw-_nDT8V_lPTQN7FpLxlzQidsBvyIyGMx3YakNG4SMl0-sLfAipk_dnWLGq4TiSvwRCw6jkUvS2fi07F9qFGIlkpTfEWbWWQrzcLwi4UDo7h4wjOZULHN3A&sig=Cg0ArKJSzFpbIDF7D5B8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=64&vt=11&dtpt=63&dett=2&cstd=0&cisv=r20220921.63961&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27792836.335993461;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=1033480529;ord=0af03q;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKCu_JhIxY6TxO9fkx_APnb6l2AjEiMzCbMXg7caXEJ2Sg5KgJRABIKqAwyJgu4aAgNAKoAGHzYHMAsgBCakCTPfOg6A3sj6oAwGqBOwBT9DEFMsHWm-HIelGajIhb_ENdyacleWmMWreApGBJxpFswQb6vnDpy7-z_ljNSuJar1F8iljmQPE6i1Lo-I4jN_T4bfLlpvavwRfSDketCtaVXBs2yL808Y9GVJ-ed0ADd1B0eEmnW4DlRnK2bM_FiAIPpzfuYaeormL-dVay0hrxYAEQrfqwVPzocQ5Fmo20-6qA0IkCnVe4X396e2P1LyYP2fvC3PSm-M2I19IVUrGCn-Hl_iwqZgmCA5-ksnqhczv8watF5Me4l698XchDN-kPz4cY6EGKs7KyaAxIRCh2Izajdxh10jKIcXABKDh_vCDBOAEA5AGAaAGTYAH4bL-swGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTkxOTIyMjE3NzYwOTUyMjOACgOYCwHICwGADAGwE9T4zxDQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoitxwKUw9G8n8HfoeekGtMzoo3DWIwUGvXjkbNnW5nBEtZQ%26sig%3DAOD64_1aujGKYBE4OFDIqEd8wqBsnJAl5Q%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-DGNMtfrn8VTAtPWEV3GcPnQ00-aet2UPjZRAF7woywBB4nUy4O4kyhaKkzV_eTitYr_KH2UZfUOtq1Pha74miHgjiNVY__AAqWEgmZDV_aAYk6vEstyHKCLYl0vGiEBYNpC8eyoTbU5heQK8es3GsE5P9QYA%26cry%3D1%26dbm_d%3DAKAmf-AuXKKgaLn4JtHJm6jC_1ZC0aBhVy4jBK_2zVb4tuuyZ_rzITZpatZDxSiinTirwaOPS8z8u2WVwmEdzMbSDGs4Yk1excgEvS9t1FwQLJQ3upxLMcnMkKHiIFFuCMzF_ej2pMnF3gFF45iipM-2DDopdY2U9_d4OrWVVDPv5fNWDrwXUcFLFxFb4iZC0n7-0Tu0lqhDerPUW97L0mlk9Fi4sdg1DHGFF_2OoTXMg3RPttTqBIWJilix6PWnjJSvspx5o3nNpcAwM9AoYOIJwCMW6B3iWzhORik1VGKFvz-1G8qEP4mndtpcXBQiRBnlbPRxA3flUi4UJGV7dxY2UTTxx99VQKJ5a8hzygCj-CUsxpDSf_c9LOfQYWuVGJ1siQ1zJjb2G2Sk3i4Q_fsvXOiCPvaWfJ1BsZaZiypTCiifpVEN_wR3ro5NJRglar7tFuZw28Gyg3db7wpsvM3S8T_QU3iy438C2svdXU6CBur1HNlBpymMEUTpqG-9D5A4Zt2eatPuc0vTlXC8kA_ReKEFZg9b3RTybNJhvyWNjtcn-n0DaO6wLLYB-na_juSIdmJMjwZk%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fsubject.com.ua%2F$0;xdt=1;crlt=BtLkq2eQR1;stc=1;chaa=1;sttr=116;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F9B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3fs_JxIxY7nNF5ev3wPeva_gCAAAAAA4AeAEAg&bg=!i4iliMzNAAYIxsuQKMY7ACkAdvg8Wl59w7mOu8n1-X5BDl5VmmppQvo5zWZzssrx1gRtPyfUnL7muAIAAADnUgAAAAJoAQcKACal7V1tAkxWp8Fj2Q4FBhl8D2FchNber4_QZ6O1-0Ol4qy5sVB61JkC5ymMe_DUvF4mlrF1tSQMamiv0JZE4F2u-zR_S2gB0DhlM6QFZ_wCEsUkrzezuThWCAFrEHBeZC4fx2jha2mQEC7_wA95Tj8qQsqlZ-oDAP1YZtvP4IZAoPvoJE10xIHcTQ1MGuZAUdnjBtFsiIfLKuO29KcdF5LXAba3lN6suW-KCyZySoS6nG0KEiHhfpZitle0P-qD1Ajb3uH6rRNSeJr1R-HLyHsKZUIA5_E-DtdWXath5NelpEIjlRG4n7yJrCV6IdDSSD_zjTLeZ5a0lY0aOyem83xkGhckSwvO9ZEjY2nYaiu784Bn5X2Ch1B7X-h1hyVNu_bszkT2g5dCq8MX6aZ0DBa2-YF11n1_6MJiu5BNNM-1aun90pWTjEUMSOlp_jcINJSc1OUfn09zbtS0L2GJSEruk1D7BueV_y8H-8z6sIMxOTdGFShNg5y-B5VBF0Z4rexgbvEBl78EOIluPki6qX_UFrfwS5XSAdh8XH4E-mH04jbi-9S1sWF-9E8HE3YY5uM5LjNNwOtRNW367FbiE--WYT2qF-PvfhB3T8ChDDJcCxvsuSbtq2EJnlX9btgW6c220w9GY34JIABA1UGIfQ1Jgi9DbLpFs6cn8rELAgQO8yeEekC2kwDTvHNKXh0qL_1zVW8XZEbBkX9I_FbHUor36G13aJAxMj5BTZtcG6iP24PVAlclYEJ3XduE7uWYGfK15qeYXn6VDkegkRQAW4-nb6-8eN0luH7e00z1lY1Vy_xlBGbRe9wnds-7U8bmXggWc8HD8dehbua6_FPIB2FbRsvzT7HeMPc36hIL8ISuBPs2Y_-4mwiMapCAZJGQbYjArWQyZv4xm_5g23Xyuuwr8krrRuzHgLidbR8oQVjn1Etrob4bxTU4mfBxbwaLwmqSCx1UbWbQP-6KmKXN2n8321hSzM9_6upjHuUjanKIdXCYmqP9GpHihoraUrVDKlKbhUow9Lr4WbdU-pLIRzR8
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 7065 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAh9voZGo3J5IUtFncC6lWo&google_cver=1&google_push=AZmPxg-LFyS80GHJ81b9zxEq893mIqB9RgVoMS2EZFJOsbP8lbPM21uoFrKj83sI8enfcaRVo_Yw5ov78UN71Cm1M2Qntbs0MNU
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664160296.322304,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-lcy19247-LCY
google
match.adsrvr.org/track/cmf/ Frame 7065 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEL9A4pdYP26STVxIfK2SRKo&google_cver=1&google_push=AZmPxg9JEv7FOP2w3lWoAP1JrjoIu0O26X7ZWX6-QwGGI6AHzQOcZbPlgUAeH4oQautMxffD1EXN2Pr7kZRth4VuRvg095wmGXw
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7065
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK-HBnDCeG539kGX81YIOPo&google_cver=1&google_push=AZmPxg_Surf1Xw3LJPGKXTl_l_J4COKWqaZweP3pdbd_VFPyntseN6n53YgfxRZcn3jV_1Dh6plkB-M-xogC7B...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NzUxNDA0NjYyOTg2OTcyMA%3D%3D&google_push=AZmPxg_Surf1Xw3LJPGKXTl_l_J4COKWqaZweP3pdbd_VFPyntseN6n53YgfxRZcn3jV_1Dh6plkB-M-xogC7BwN2X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NzUxNDA0NjYyOTg2OTcyMA%3D%3D&google_push=AZmPxg_Surf1Xw3LJPGKXTl_l_J4COKWqaZweP3pdbd_VFPyntseN6n53YgfxRZcn3jV_1Dh6plkB-M-xogC7BwN2X0BfpDqztY
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NzUxNDA0NjYyOTg2OTcyMA%3D%3D&google_push=AZmPxg_Surf1Xw3LJPGKXTl_l_J4COKWqaZweP3pdbd_VFPyntseN6n53YgfxRZcn3jV_1Dh6plkB-M-xogC7BwN2X0BfpDqztY
Date
Mon, 26 Sep 2022 02:44:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 7065
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJWxYPRnTpK8j2DvXhemsXs&google_cver=1&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavTbV...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJWxYPRnTpK8j2DvXhemsXs&google_cver=1&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavT...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavTbV3PJI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavTbV3PJI
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg8Hl_1oa3AjvX-vf0JV6_Sf8-V-ATnV5TZIgUf9CZcUip1CUaH1rFEzBnVgm1lYc9D7L0zKgyggkreprtYsDzavTbV3PJI
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 7065
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-2a8c9f64-b67b-4eab-bb59-792ae37e9ec9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_zjbJZwaXWNW5fN1dMC...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo&google_hm=AyqMn2S2e06ru1l5KuN-nsk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo&google_hm=AyqMn2S2e06ru1l5KuN-nsk
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_zjbJZwaXWNW5fN1dMCnXMxogbPjLc-qluAlVBYJ3Da2XYiI9F7hbs2doxtdYJiTNPIeLzvXhCrnmoa_abhQgFXs7D_Oo&google_hm=AyqMn2S2e06ru1l5KuN-nsk
date
Mon, 26 Sep 2022 02:44:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2a8c9f64b67b4eabbb59792ae37e9ec9003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 7065
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHOMzdFJEZetlxKtHeJaGdE&google_cver=1&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSoWkfj2eEwuGOmmvMvu...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHOMzdFJEZetlxKtHeJaGdE&google_cver=1&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSoWkfj2eEwuGOmmvMvu...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MTlNzclQ5RTJ1RmR2MVNwQVR2SU5GVVBZenR4SFROZ35B&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MTlNzclQ5RTJ1RmR2MVNwQVR2SU5GVVBZenR4SFROZ35B&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSoWkfj2eEwuGOmmvMvuTawG1kEs2OJcVE9NkfcQc0UAzx
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MTlNzclQ5RTJ1RmR2MVNwQVR2SU5GVVBZenR4SFROZ35B&google_push=AZmPxg8xpNUQWMJsSiCiFyW11NPVEbPe8Oj0tx7r8yCccvMXeUDsUFCSoWkfj2eEwuGOmmvMvuTawG1kEs2OJcVE9NkfcQc0UAzx
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
b1sync.zemanta.com/usersync/googleadx/ Frame 7065
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEbA530otz2HynX_DFIaUIE&google_cver=1&google_push=AZmPxg-MsYyq6UlcrQpGwFcdOvl9w51gvGxqFR087ZmHPtJEcT4TyyKvGdg9GNfsxrybDYiWJMtfQhl9rKbLJ...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEbA530otz2HynX_DFIaUIE&google_push=AZmPxg-MsYyq6UlcrQpGwFcdOvl9w51gvGxqFR087ZmHPtJEcT4TyyKvGdg9GNfsxrybDYiWJMtfQhl9rKbLJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-MsYyq6UlcrQpGwFcdOvl9w51gvGxqFR087ZmHPtJEcT4TyyKvGdg9GNfsxrybDYiWJMtfQhl9rKbLJbOeOD-2tknSIRE&google_hm=V1VRRlNuYk14ZGE0SUFId...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Server
50.31.142.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:57 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7065 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3YzCDg5ZZwVJysyTtwYjb5deRtp3ctyzAZGPTjBfgwlRnk7fwcwG5yRWj1PpgkXFtkkvaFSw
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DDF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIaYXJxIxY6nxGI2C9u8P_eqCsAwAAAAAOAHgBAI&bg=!JySlJGDNAAYIxsuQKMY7ACkAdvg8Wjz_S9HIVMmi0w0-50657MT3au7oNZIjYduR5gPyypj_idD39AIAAADDUgAAAAFoAQeZAuTxKmeEoQTRu9lukTA6wNDvgQ4uiWyHZB4YXecGyXnCUPfCH5lHjnYNHH-dVGc0dG-jAyNvgdq3P67oOsflB2o3LPOON4xAJ0n38aoZaXpbb8XMm7_VVbf4w7xK_EseSv5Z_UV8kpAllmMHqpTgDvZo1NFTKA2Txpjs-Bnq55N19H1P1NWzzMQjFDkvAIugE5BDAUw6LxpX3lnpdYNmPSsfGGbSwobvbW6JTeyqmVvw4fJqH1QDh2ZO_waJcGkIq2pAKi82XA0epxdvXwlAFUpe6VtsH5l39YAisBtpBA1s5JteQtkPYC5fCCxd7NMMst0nlaMNdUXzmKN-SwJuVg08IwNWUQVjsvGr_aR0jIW_rBojkO7q1uEWwl4t0Ct_pov_9fLiwLmxIuMsClV2yWutD7sqQRia1929ncbASMG-8cK4USYK3DVQ081eq6ftdmVUC7lWkOlSmTSM3zu-nnHyPPoJ9tH22VPqGSxzOu4TikwgObOgGQwEnkQJTY5MZwOn1FgljE3MTbXbjUH96hIuPfVYMS6k2lC1T0Hqm3jSdC5hKBUsXcxbNvicIfevtyYM_45f3fJi_sa1mlOLFEAEKexz89eitZkfDoUxG576Oa7i72wrgteopzssAaM2-pnyaLsHlBY9yUTuKVIuRtqVyxd_FGCNrNb9qGYG57veDcxuSb23EqoGmXwe2rRLpfOrfFBt0jiOrQ14U8mRjHD86jejW6W1_HDZd_0MRBfcFPxA3sWqwnBZSwFbaVgtknzCfuQaeBM9B72HEihD7spla00hfLyKdOubmgmgcRzv20HVbk2_8yVudXgDYvMUO5pfJgeavq3NalFjQB9gt9CK9v3sp054aMfsL1gTu2VtuMRNkdzQTbouY9IDJmUDpRyaCAv_AjIGqUapbTm-UDwfFluqeF_yjA8SAsltKU4ELFlV1PR2TRXeH1LOulhzED37scqh_od46pLUiwNOB3n7_orX3w
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 18FB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Sep 2023 23:29:00 GMT
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1042432&asId=1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1&tv=%7Bc:phInLW,time:629,type:e,im:%7Bpci:%7Btdr:524%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:629,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B623~0%5D,as:%5B623~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:223,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b.1168448-65593785%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:28,sis:168%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame 353C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
385720
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
v6LG4p56NVQ-zSsuPm6wBGJKMykpuJnT3zp9-TVTROvJ6p7jfuQTAA==
mon
pixel.adsafeprotected.com/ Frame D929 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=28493320&campId=17567456057&pubId=1&chanId=42757578513&placementId=424335051&dealId=549644393847897261&adsafe_par&impId=ABAjH0gXVNnmPmMPjTIEjQygfNAO&bidurl=https://subject.com.ua/&adsafe_url=https%3A%2F%2Fsubject.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9a71e037-7152-84de-7f76-e3969c7b3fc0,c:phInM4,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-cs62h,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:104,mot:0,app:0,maw:0,fm:tivl0wp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4%7C1d5%7C1e%7C1f,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:111,oid:340e1832-3d45-11ed-a9c6-b6cc64918e12,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.71.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1042432&asId=1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1&tv=%7Bc:phInMd,pingTime:-2.1,time:646,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:646,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B640~0%5D,as:%5B640~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:223,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b.1168448-65593785%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d*.1042432-63102463%7C1d1%7C1e%7C1f,idMap:1d.9a71e037-7152-84de-7f76-e3969c7b3fc0.12_10933%7C1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:28,sinceFw:101,readyFired:false,sis:168%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9a71e037-7152-84de-7f76-e3969c7b3fc0&tv=%7Bc:phInMe,pingTime:-3,time:121,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:111%7D,%7Bpiv:0,vs:o,r:l,t:121%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:121,n:121,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:111,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:121,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0wp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4%7C1d5%7C1e%7C1f,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:111%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9a71e037-7152-84de-7f76-e3969c7b3fc0&tv=%7Bc:phInMf,pingTime:-6,time:122,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:122,n:121,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:111,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:121,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0wp+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4%7C1d5%7C1e%7C1f,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:111%7D&tpiLookup=ao:subject.com.ua*&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9a71e037-7152-84de-7f76-e3969c7b3fc0&tv=%7Bc:phInMm,pingTime:-2,time:129,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:941,beZ:941,mfA:1045,cmA:1045,inA:1045,inZ:1046,prA:1046,prZ:1050,si:1052,poA:1052,poZ:1059,cmZ:1059,mfZ:1059,loA:1063,loZ:1064,ltA:1070,ltZ:1070,mdA:941,mdZ:991%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:111%7D,%7Bpiv:0,vs:o,r:l,t:121%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:129,n:121,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:111,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:121,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d*.10933%7C1d1%7C1d2%7C1d3%7C1d4%7C1d5%7C1e%7C1f,idMap:1d.1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1.7_1042432-63102463%7C1d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:111,sinceFw:18,readyFired:true%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 26 Sep 2022 02:44:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
441899
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubject.com.ua%2F&domain=subject.com.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=owS2-nx3OFZMckZvMm81RjRKeE8xWkVidmxSV3JUWFNleU5PUFhWRy9hSERja2JTNXBoUUxrYllJTmRzYVNPMFBTUThic0V1RVQ5MmpMTTB1NFpDOWlTdUt1cDRFSDlsNlVka2dYVm9CSHUwdkVjeFl2VERIM3JyUzMySn...
370 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=owS2-nx3OFZMckZvMm81RjRKeE8xWkVidmxSV3JUWFNleU5PUFhWRy9hSERja2JTNXBoUUxrYllJTmRzYVNPMFBTUThic0V1RVQ5MmpMTTB1NFpDOWlTdUt1cDRFSDlsNlVka2dYVm9CSHUwdkVjeFl2VERIM3JyUzMySnoyZ0x0aXZtK2QxWlo2RDhrNzVJYkxESFVuRk1OYStscE9uZE1KamhKdG1aT0RRR0hOd0hZVDByZy84NWI1ckpYaGFURk1nN0xEWXNUU2V2ekVBMk41YWpaSVFpRjlxeTgxQkVVTkJ2MGhMYmNSazdzM0EwPXw&cppv=2
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
238dcbdedf577a6239920ecb9196ccaec87a84eafb0ee35d25df3dec8e4676b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1237323
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=owS2-nx3OFZMckZvMm81RjRKeE8xWkVidmxSV3JUWFNleU5PUFhWRy9hSERja2JTNXBoUUxrYllJTmRzYVNPMFBTUThic0V1RVQ5MmpMTTB1NFpDOWlTdUt1cDRFSDlsNlVka2dYVm9CSHUwdkVjeFl2VERIM3JyUzMySnoyZ0x0aXZtK2QxWlo2RDhrNzVJYkxESFVuRk1OYStscE9uZE1KamhKdG1aT0RRR0hOd0hZVDByZy84NWI1ckpYaGFURk1nN0xEWXNUU2V2ekVBMk41YWpaSVFpRjlxeTgxQkVVTkJ2MGhMYmNSazdzM0EwPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
624298
content-length
0
expires
0
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
67312c1431dc71ba1260fe9898a0d86a2aef9f94333b9b0f81873827f0275865

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 26 Oct 2022 02:44:56 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 03FF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"623de86a-cf34"
Expires
Tue, 27 Sep 2022 02:44:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DEDD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CA63 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame C118 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4a1ce1bed504c071e7b50b24afca3d47500b6e50dd6fbd05752efbe1ed94f6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7508a91c8ce471e7-LHR
content-encoding
gzip
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame F2F4 		477 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Mon, 26 Sep 2022 02:44:56 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3E91 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"623de86a-cf34"
Expires
Tue, 27 Sep 2022 02:44:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB4D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 8070 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Mon, 26 Sep 2022 02:44:56 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 2E57 		4 KB
1007 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c32191691395f4bb1b1df8a224102d6a19dca54fdd2ff37e5e98cfdfb80bf8f

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7508a91c8ce571e7-LHR
content-encoding
gzip
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame 6C65 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Mon, 26 Sep 2022 02:44:56 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6B6E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"623de86a-cf34"
Expires
Tue, 27 Sep 2022 02:44:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BA9D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"623de86a-cf34"
Expires
Tue, 27 Sep 2022 02:44:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 30EC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"623de86a-cf34"
Expires
Tue, 27 Sep 2022 02:44:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame 2DD0 		4 KB
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeef14734efb5609ab53dd988677d89d0de083307c476bdfac2a229c67b539db

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7508a91c8ce871e7-LHR
content-encoding
gzip
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
server
cloudflare
pbjs
sync.quantumdex.io/usersync/ Frame AA6E 		4 KB
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6772abc624cceb3c61a499110ae4c2c8018b8dfa8a1aad2969fe7618065c75e4

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7508a91c8ce971e7-LHR
content-encoding
gzip
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3965 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 2EDE 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Mon, 26 Sep 2022 02:44:56 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame CDB6 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Mon, 26 Sep 2022 02:44:56 GMT
last-modified
Wed, 21 Sep 2022 14:15:31 GMT
server
nginx
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BBB6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664160293259&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbjs
sync.quantumdex.io/usersync/ Frame 0D9B 		4 KB
954 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a20ed4d9974327730ff4f2aa828629f24db78316717973da79a23bfcf9a2c5

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7508a91c9cf771e7-LHR
content-encoding
gzip
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
server
cloudflare
/
onetag-sys.com/usync/ Frame 1211 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664160293260&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D97 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 62D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664160293260&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.4.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6917600745892463824
0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6917600745892463824
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
08065702-eb97-46c6-9362-bc2f274cf7cb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
cm.adform.net/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
server
nginx
content-length
43
content-type
image/gif
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=e06623de-0cc7-408b-9e24-f0ac6c78182c&google_hm=ZTA2NjIzZGUtMGNjNy00MDhiLTllMjQtZjBhYzZjNzgxODJj
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKm8w-TEMAq3T9qEs0esAEk&google_cver=1&ssp=vidoomy&bsw_param=e06623de-0cc7-408b-9e24-f0ac6c78182c
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e06623de-0cc7-408b-9e24-f0ac6c78182c
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e06623de-0cc7-408b-9e24-f0ac6c78182c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e06623de-0cc7-408b-9e24-f0ac6c78182c
Date
Mon, 26 Sep 2022 02:44:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined&verify=true
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A&gdpr=0&gdpr_consent=
0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A&gdpr=0&gdpr_consent=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Server
3.127.18.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-18-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A&gdpr=0&gdpr_consent=
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame F2F4 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
a2a573a14372930a6750ed2a0c5f2320360d5df80cf876f96c8cafa8fcc2398c

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 09:05:14 GMT
server
nginx
etag
W/"3f82d7b4f9dfcac7d67ff0c498eb9881"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 8070 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
a2a573a14372930a6750ed2a0c5f2320360d5df80cf876f96c8cafa8fcc2398c

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 09:05:14 GMT
server
nginx
etag
W/"3f82d7b4f9dfcac7d67ff0c498eb9881"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 6C65 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
a2a573a14372930a6750ed2a0c5f2320360d5df80cf876f96c8cafa8fcc2398c

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 09:05:14 GMT
server
nginx
etag
W/"3f82d7b4f9dfcac7d67ff0c498eb9881"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 2EDE 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
a2a573a14372930a6750ed2a0c5f2320360d5df80cf876f96c8cafa8fcc2398c

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 09:05:14 GMT
server
nginx
etag
W/"3f82d7b4f9dfcac7d67ff0c498eb9881"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame CDB6 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=34956804800884790000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
a2a573a14372930a6750ed2a0c5f2320360d5df80cf876f96c8cafa8fcc2398c

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 09:05:14 GMT
server
nginx
etag
W/"3f82d7b4f9dfcac7d67ff0c498eb9881"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
setuid
sync.quantumdex.io/ Frame C118
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91ede3471e7-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Mon, 26 Sep 2022 02:44:56 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 02:44:56 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame C118 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.6.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
setuid
sync.quantumdex.io/ Frame C118
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91e5de171e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame C118
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91e4ddb71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ea0edb86-5167-47b5-98ef-67355a5a5719
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C118
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9217fae71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
pixel
ap.lijit.com/ Frame C118 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap4ams1
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame C118
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e8071e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
0.gif
id5-sync.com/i/495/ Frame C118 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame C118 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
IN_vsRwCE_9k5ckFYQ2KmpA12-pDH3O_EpZ8renUdoZVylEymNbHnQ==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 2E57
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91ede3571e7-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Mon, 26 Sep 2022 02:44:56 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 02:44:56 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 2E57 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.6.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
setuid
sync.quantumdex.io/ Frame 2E57
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91e5de571e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 2E57
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9217faa71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 2E57
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91e4ddd71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6fdabc54-460c-46a1-93fd-06a1957e842b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame 2E57 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap4ams1
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame 2E57
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e8471e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
0.gif
id5-sync.com/i/495/ Frame 2E57 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame 2E57 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
vLPk07NWvbiB7QKpGmwNczBR5AL4X4O-9aohNiS3PjFFmt0zYwQHOw==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame AA6E
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91ede3171e7-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Mon, 26 Sep 2022 02:44:56 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 02:44:56 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame AA6E 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.6.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
setuid
sync.quantumdex.io/ Frame AA6E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91e9e0271e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame AA6E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91e9e0071e7-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fd25a8c4-8747-4a69-b6f6-01afa567027a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AA6E
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9217fac71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
pixel
ap.lijit.com/ Frame AA6E 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap4ams1
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame AA6E
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e8171e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
0.gif
id5-sync.com/i/495/ Frame AA6E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
s.ad.smaato.net/c/ Frame AA6E 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
CDXUBeta6iqPHHMzISnh-ISbIQpI_l--yZRSOFO53_GdCNlKISGMnA==
x-cache
FunctionGeneratedResponse from cloudfront
pixel
ap.lijit.com/ Frame 2DD0 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap4ams1
access-control-allow-methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame 2DD0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 2DD0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e8371e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 2DD0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91e9e0171e7-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1aa4ad24-0f6f-4053-ac26-1e8fd228b492
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.ad.smaato.net/c/ Frame 2DD0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
mge7Xne37I4Ru-b0vviiDxCppnakgW2Jsz3zTNpnjXyEfLlnnowoyQ==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 2DD0
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91eee3e71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Mon, 26 Sep 2022 02:44:56 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 02:44:56 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 2DD0 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.6.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
setuid
sync.quantumdex.io/ Frame 2DD0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91ebe1971e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 2DD0
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9217fa871e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 5777 		1 KB
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba6561e43cb479400706ec60e661c136402898c38fe5513d7680e73a089f7d9

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7508a91e5930885f-LHR
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0cpw7ByxRWTmc0xJZM%2F0oQF1VKYFI2IlfJm7Ta2wPgWB0iQDHPImDKd6WLlG134XmopevZZeJo9SRe35zMvnCwxDC9qWEl9TCJIAc7HhGbpAx0npFyHr2PsFjo78SdDSJnrkH8HHiSK5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 417E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 02:44:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1A31 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 294F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
/
onetag-sys.com/usync/ Frame 1FA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame F52C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11709f83e24dd40367518e0af07133fb6d4626f65b276ae95fb86a69b1e80010

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7508a91e5931885f-LHR
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRJdYlJD5%2F6BGubDWlVQzOIeVzc4vaQJ2kXffXQ4boeYo6OzZk09sBiNj9xwlYXkTfVcyByqmY0WmwrdxDYmkP8B80zzAg5bvhJ6iXQGiVTCKo0ts6gzDO7r7r8iQFp35aseQXFWv572rg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 64E8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 02:44:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8081 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 5602 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
/
onetag-sys.com/usync/ Frame 61E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame CB84
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 02:44:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 76E5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 6786 		2 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c4defa85ba20a132836920823ff9d687913578abafecc8e13864061bb89582

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7508a91e5933885f-LHR
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BpL21vzruKF%2BP5b6j4NMXooE4zYggx0Tp0F0G9fG8P03tlPYsGhRdr7uHFnwZFbKoCTLFT%2Fb6k3BpIQ8Fzmtam6dxR%2B0%2FEnOh9Csrz%2FnXsJA7rWa%2BvnkCrm4ZBN3o9HXTuO572Z%2BiKyOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 10AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
/
onetag-sys.com/usync/ Frame 81AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phInR7,time:1607,type:e,im:%7BpLoad:1359%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1607,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1601~0%5D,as:%5B1601~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:231,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c%7C1d.1042432-63102463,idMap:1b.54a67bd6-fc36-6154-efea-9d5bd2e5101e.32_10933%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:21,sis:154%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pbsync
usermatch.targeting.unrulymedia.com/ Frame 9C51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3C88 		1 KB
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31460492962748a29a7d57bd47f5087b328d5703516f68d8a02a43a988607e12

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7508a91e5934885f-LHR
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BiNGrq9YQpJmsFATH%2Bu7yTetQGWkcVfbbi84IHGVGDH90EdCGbe3FMv1SVNeX5jS8%2FgT5n9sbHyqZzgB%2FP%2BPC90y4lc9Y2T%2FvalmvNqsiVm%2F%2BIbQkO5tZthyhkbFu15QBFZYKHUpspfqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5A3E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame A7E9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 02:44:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F44 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame DEDD 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19757649&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:55 GMT
content-length
0
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1042432&asId=1d95ce3a-456c-0ea4-a7cd-8397ee9c27f1&tv=%7Bc:phInRt,pingTime:-10,time:972,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664160295782%7C%7C1accf2e463b8ffb830a9dd4c14bf6556%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ce23bb8522ee2902d1ad8f6cbaecd041e%7C%7C228a5d0fb9f8e22fcd113fba1f3d3f7f%7C%7C24f6d95f1a0451c6afd6d4caa086fed9%7C%7C6f433aac70258e5340231f8088ae7f21%7C%7Cc664c862cc0dd78321a7123b325974c7%7C%7C1663701684,sca:%7Bspg:2364d187-8cc3-fdb6-254f-f711c7ac0949%7D%7D
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
setuid
sync.quantumdex.io/ Frame 0D9B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e8771e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9d278200-bc40-520d-945b-be3af76aac12
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 0D9B
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a9217fab71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-10af90a8-69e3-3789-b600-089a26852cd1
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
v1
match.sharethrough.com/FGMrCMMc/ Frame 0D9B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.159.6.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-6-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
pixel
ap.lijit.com/ Frame 0D9B 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap4ams1
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame 0D9B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f2e6a71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
04f7a711-2ae1-496a-85e7-b884104277b5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame 0D9B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 0D9B
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e7e71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Mon, 26 Sep 2022 02:44:56 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 26 Sep 2022 02:44:56 GMT
setuid
sync.quantumdex.io/ Frame 0D9B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f2e6b71e7-LHR
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-gNBCp9ZE2uHyq3FV5LSXQ5_7m456PD2xGB5wDCE-~A
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 0D9B 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
gM0jeKqW7VIIixLRndA0FxR1I1EY5fVQGo-7YbU41_eEmSROP9e9YA==
x-cache
FunctionGeneratedResponse from cloudfront
gen_204
pagead2.googlesyndication.com/pagead/ Frame 18FB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYHcPKBIxY8DkBbqN9u8PvuOyqAkAAAAAOAHgBAI&bg=!AAOlA0fNAAYIxsuQKMY7ACkAdvg8Wiv7AwhClIPkYM0vQ_3i58Qb-4vDlf3eojajq0b_TgRbz3p4PQIAAADbUgAAAAJoAQeZAvZmNJ1XIy_GrJK3ihT6YL80V2G8IYwWuu-aASN81h7IP1CyoSH9BOc0nt9dYFBqEgZ1aNOP_J48awJzoDhSMZKxWhUs2vm7RRO3aaejq2Vm6nTh2Ed3USjkKBCjsCJm9igl1KbqTYXZSUplQ5xGWRmlyzsWcPwLzsst_cQavyy5wWoyr6JkacvX8SY9Y4wX4IgMZuuOZDDcatpFptM2nySHNZiRGXIRxVo1_NtzOxjqL8F1tc3FSV64Ac8M-XLnK14xqnxvPrDAF-lgaGwxBGxJG0Qkgh7_ntul7k6vcenRP7tVRkrCrXgadrdKzLsl_QCtamicQHc_iipeZwFVhj9MggMSGqZuOUwfGQ2ts8IRDP22VjopQVZ8NIRSZfWs86xbcPOBYyoYZtoAjhM7fS-tkYZO64SQU_dLliBRSqWYfnvTPoe2bmdTde56jnKzOjp9b_iSYLiMS-OI4sfS9cuhJ1Y5Kch1FpePetaFtX430PAwiGSlUoo9OdhgLo5nIov_AabqqxWHvhJUCRHlHTIQW0MoOChqyp0ZRF2WJaA_jaaJZoyBDyMst6rgrXRezHPJAu0zNlvxzf-Pf22KiGMImA_cRGlkVttBush3t0FCSlSR3CAQOAmOlz4BHs6HOoppcfMTb-Fo3Ic5TQ9z89V7jptw4JXHbLWePU3OcAJinFMx1OkecwYBiIcTO6vFPgVVPscHIOUoqMv1budwGIo57SHnAGKk8wHeQ_hOXWIxjFnmOsd1Udbw8fMZk_h98WHjFMI_XM5eLzPa958u05bGMOXmoiFoSkcWP1Bkd0KKbbbglWtdrbPURRdwQ3GoQTmkrOYqwypu6V0AQou_OdvBNsy4T96DE19wZKN6aeUkRkUNMh4Je00ResIbcmaMyeIzaHv758S8nvD8I9b4SsJPcOV6Ss2fF12qerB1wEbf7njxH7wKHV7rXtZRA30JZTQcdc3j1YN2MoIfOkn3kPJkybuEoj98O3hrnF2USnwAUb-UlXtW3A
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 03FF 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0daa05c7-12ab-4cdd-9cb1-6a8cda7a1ab4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6B6E 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3c32bdfb-ccec-4837-9200-6823ec4a748a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BA9D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
98ab01b6-7c8b-4296-9056-5b677a955952
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 30EC 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
94429229-4934-4e51-b5fa-9a1f1c5fb5e8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3E91 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2313bd8a-01eb-4d7a-a3f0-991910725001
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 098C 		1 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a058dfa6c281417db79bd10544e3dc6a26c0736c875f74b76dbc1e9d96a86d40

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7508a91eb979885f-LHR
content-encoding
br
content-type
text/html
date
Mon, 26 Sep 2022 02:44:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaPs2QBmaM%2BI057PHX%2FWnDpb68F8sO0yKpEkbpeeu8GzFQtfT3djdhlp6POPO%2BU6yByxNeVAIZNSKEGqDizKLn3HI6Ch9QjLeLRldx%2BWxQyOAi2MXjDyKJXyRBzyC0T48OMDB1ePysq%2FLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 3AAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 54CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6C40 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48085
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 26 Sep 2022 02:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 26 Sep 2022 16:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0E14
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 26 Sep 2022 02:44:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 Sep 2022 02:44:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=owS2-nx3OFZMckZvMm81RjRKeE8xWkVidmxSV3JUWFNleU5PUFhWRy9hSERja2JTNXBoUUxrYllJTmRzYVNPMFBTUThic0V1RVQ5MmpMTTB1NFpDOWlTdUt1cDRFSDlsNlVka2dYVm9CSHUwdkVjeFl2VERIM3JyUzMySnoyZ0x0aXZtK2QxWlo2RDhrNzVJYkxESFVuRk1OYStscE9uZE1KamhKdG1aT0RRR0hOd0hZVDByZy84NWI1ckpYaGFURk1nN0xEWXNUU2V2ekVBMk41YWpaSVFpRjlxeTgxQkVVTkJ2MGhMYmNSazdzM0EwPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 26 Sep 2022 02:44:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
484192
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame F52C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a91fe9b776d7-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCFt8fkClL8pnF9uRVwqX0e2P4ZDa8nQbVw5nxoXUSdDKwaS9nhKnX5vMHAs0zlLsCB8yOBGTYFYMwGDcM0voECW5R5j8hBZgNPT%2BcdkFPueB0vLZm1Sr3sT9Hm1n3eRKkdTlgUBDkcx%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F52C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame F52C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
H2ECSFXXXGZA70HQZE6R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
H5SN82R8TAFSRGDVFW2Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F52C 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame F52C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QArlPZha1OCE775
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QArlPZha1OCE775
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a920ba074072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrMgg16WEN1K458jQXpju3lnqEia3j0Qtz9SeCWgN12jTje8ZASYqs2XezVX9ROLJCWfjlREsrnFfp57PXBDszXyradgHnkIK8ZzgI1EQ69gpXT62KqMQJT%2FGOOgLQeWTaUq3BVqsXIVYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=QArlPZha1OCE775
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F52C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92039ca4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gh2lUeTLlyqPqPV1Ux4MeFLkqs%2Bd8kOJ%2FS6REc7rGq%2BIafvzOty7jmHPOC%2BxaHHqy2sN3jcAE37UPOjeO%2BBa7EBbWEohwPf%2F8TaCEc%2BSvd%2BOozDrRHVQefjEqA2tGNl09mzNh5V1e0NdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
/
csync.loopme.me/ Frame F52C 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91fcb1588a3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crum
dsum-sec.casalemedia.com/ Frame F52C
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92079ec4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=457d9BaTRuFcA%2Ff1kc%2BeyNtrXvDTxXgZX243YnbQ7QBLpYxbMmKtUOm2NRdE50c82U1noQiM0R6j33GCRhgO3oz4RFvoiRn9tZT7Juz3iiiEuQQCGm0AnlpLzgeC02FKs7Glqppb%2FYHAJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 26 Sep 2022 02:44:56 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
setuid
sync.quantumdex.io/ Frame F52C 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e7f71e7-LHR
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 6786
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a91ff9a74072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b56dOM5DwGums8a%2BMjzL4LESxKhsyTLMurghu%2BNmo0zrCtjWITzQJ30ZtWPEl2TySoMeo36CuziR6XuFeoi9qcEtIdwuYmOtCI5olBeEFZG0FzILYdnGQZgAVCguq3chdf9a3mJz5ue7vg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
28e9c504-08b9-44ee-9c95-4d011b0cd834
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 6786 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664160297.819466,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-lcy19247-LCY
YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6786
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
date
Mon, 26 Sep 2022 02:44:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 6786
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3713660117584974244
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3713660117584974244
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92049d24072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8nDHzL4CNWweTpq4eMrfaYTGWWU2YH2433qrIHD8%2Fmk78EZ%2F%2FbUH7IwuNOu9cBbdhaP%2FFFCId7%2B9fB360xiyMT4ruMNE734n7BMtY8ZBBbibPCsXNYhtm0C15wIZEkfLeACLbNBi07yQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3713660117584974244
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
csync.loopme.me/ Frame 6786 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91fcb1688a3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tp_out
d.adroll.com/cm/index/ Frame 6786 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.140.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-140-211.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum.casalemedia.com/ Frame 6786
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6917600745892463824
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6917600745892463824
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9208d767705-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfB2C%2FS67x9k95h8AkWElLSLHY9PY2b1v8UG6mq15T9iXM02pgJJf2Jhr%2B%2FAstYqYlUQQTC%2FDJuFe6hKdN4O2mqJq%2FVE9sxB2J%2BYsySmCcSJZ1YxrRTw8vBg0VN3QbdeTpggwdXZ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
465c9503-54c7-4cb2-83bc-005f72cf448b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6786
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92079ef4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHXrAnSP6GvgQejzJiVYtM1a6iGXCQC3CL1qbVgEuV7aXPblykpeJTc3WgYSPfvvZLO7FtLlkPUuIeF%2BZ%2FdbGTnciIeeHjRPzgMZVZopnLsN%2FJA%2BnU%2Bepvdl1koB%2BO91YZJkJu2%2BSLG%2F4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 26 Sep 2022 02:44:56 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
setuid
sync.quantumdex.io/ Frame 6786 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e8271e7-LHR
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 3C88
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a91ff9a84072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hESIyhIJXjuABJy8f4LNB8yrWf%2BXvqsc%2Bm03L272sRrp9hT%2Fzg96diyJ%2BcjauG1UkSAPi1dPXWGNVmb9f2hO%2BC%2FRds7d0%2FB36MtL1u%2B37IJ1HwYYMTgxMxgf9GCZx5ZOj523KNGxcfjwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
de81f3d4-e6d1-4af8-8f8c-bd61c472a950
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 3C88 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.103.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-103-234.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
Server
gunicorn
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3C88
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3641602523547046308
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3641602523547046308
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92049d34072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hO1soBF8YiO%2FTkmgC4u2ffU4JRN5fiahwcenYVeuouyVzT3sY2LDaEE5u2PcVo7YrjkVds5BOdHvnKeZw7ZzMA1HbA4oPF7nKWM6cse01v8Y34HJK%2FsYJVcMIV4NGAuAFGEvIZDMZS0i%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3641602523547046308
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3C88
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=affc6331-1228-4900-9a95-acf8014d3840
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=affc6331-1228-4900-9a95-acf8014d3840
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92049cf4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=py8F%2BSxC7WbRL1Uj0vna%2BgIqDzb4dbSHrMcLel0bNbJYDi2GdwkN4cOUUQr0u7Dkvh6q9743jth0y5Z4afX0RAn%2FAexX%2F0oolQj3WeVyvsuIHzUCNXblAPjqTU12I%2BwghvzqtP0AXVj7sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=affc6331-1228-4900-9a95-acf8014d3840
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Sep 2022 02:44:55 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3C88 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 3C88
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAA%264457
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e571765c-1bc4-46e1-b564-96826d2ccaaa-tucta2a97a8
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e571765c-1bc4-46e1-b564-96826d2ccaaa-tucta2a97a8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92029c84072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQ8A5aKnSETAds32egEbYvRNSc0kMdyozgiL1V%2Bg7rn4GYuaCFtGwnfGokk2L8E%2FGlny7KKVia%2B4wZ8VrO3rIJGNasGXG9txKBU25CIMRJoKCIBI7VQQRjdgrLC7emzEV6JM21%2FX8tJ5vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=e571765c-1bc4-46e1-b564-96826d2ccaaa-tucta2a97a8
date
Mon, 26 Sep 2022 02:44:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33704
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3C88 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
demconf.jpg
dpm.demdex.net/ Frame 3C88
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YzESJrEZEq9GDHQcFbh0DgAA%264457?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YzESJrEZEq9GDHQcFbh0DgAA%264457
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YzESJrEZEq9GDHQcFbh0DgAA%264457
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
34.241.142.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-142-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v042-064073dc4.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sppobCVETaY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v042-0b7823139.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
e0Qkzb2TRv8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YzESJrEZEq9GDHQcFbh0DgAA%264457
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
sync.quantumdex.io/ Frame 3C88 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f5e8671e7-LHR
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 5777
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a91ff9a94072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k61lvhSirAQfkfpeYC0DtQu27mBSRvSpicqm57kfEDcLnS5LM%2BymJq4PtnOznRP4beRTdJVdq3Ki%2B0eFkzlQI3ATFWH9f%2BfCE%2BgfQhU9TJ3KjHO31dr9S2B95MuMGE%2Fr9r%2FD0F3pDuCPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
4be04740-20b9-4a7b-9492-e0a15b4b8a10
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6917600745892463824
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5777
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3785717711622902180
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3785717711622902180
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92049d14072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04HzUPe%2BBeIvrFmKxLN5142OpQBYxZzJORvvnEy7xWzvNsV44MzVpQoYINQbv8%2BhzxINWWbJ1YyWJLLqB63lyBC9ZenSSzzMfOzhKZHtvuTs4MfgKK8UPfDkm%2FheajADmhsxddRqE5bjzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3785717711622902180
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 5777 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.103.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-103-234.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:56 GMT
Server
gunicorn
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5777
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0a116331-1228-4d00-bbfb-d71d749eeb74
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0a116331-1228-4d00-bbfb-d71d749eeb74
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92049d04072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpc4nEb2Ijs2x4dcAtNhyAJDO46zV%2FM5gQujuSUauzsM%2BnesBpCcN%2FLZlrHRVoNy%2BH2KfFZf%2B%2BAcCdGhWe6ZOiqBbLiFfzETzFA9A1bj%2BHie8ESFWobTMntaBmjLj4tNeqd1xkJpoHYnGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0a116331-1228-4d00-bbfb-d71d749eeb74
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Sep 2022 02:44:55 GMT
crum
dsum-sec.casalemedia.com/ Frame 5777
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a920ba054072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmAFX%2Fk%2BUjUKKjojMmdydlxD4rhCRoCBRnNyvFWbqoWNfvGLRY56XwT%2BxQyTZszsl0zHxNW979Yu6%2FxxyW21sCi8E1nVhtdACE5%2BjQP69yY7qlHDFdCOvls%2B7vaHnt%2F%2FI5j2baHgjrYJng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
115
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 5777
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=efaa6146-b310-41c1-8920-71aa658bd3fb
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=efaa6146-b310-41c1-8920-71aa658bd3fb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92019c34072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sd3DJWRbREis%2FYfUm1dk%2B8QRkUgyTw5KC4ROYxuXwYFYiiD6yZcDRql5NEFt1bzqLJljqcRUUgISrQb4x7LblvmQxuf%2FtmWGx%2F%2BB7da65yk82qa5X0D756Pg%2F0NfALYgprgiSNg2XiJddA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=efaa6146-b310-41c1-8920-71aa658bd3fb
date
Mon, 26 Sep 2022 02:44:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5777 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:55 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
dcm
s.amazon-adsystem.com/ Frame 5777
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
DFKDW7RD2GDHPG4337A4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
7TV1JQ6WDRQ0P9GYWGPE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5777 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91f6e8871e7-LHR
content-length
43
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 9814 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslbE9t_a2XxUoYcc89KMh_fWMSZ3yPHjvSLWZ7JfzCEV6fS7-A6Lg06uVmvIcfzN2aHq3pyYMA8OsHT0XWGPCxtbjJI32nUw&sig=Cg0ArKJSzCYSEtubjy6uEAE&id=lidar2&mcvt=1026&p=0,0,250,970&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=943508953&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664160294706&rpt=1052&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9814 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3-ePTOISeKjyW-CQWuDj_E95Gj5nCzBGIjqB70GZSN2bnaAmgAJNRi1OcJwMoRIv0qNyJuRCc-jJFFHzfr3hyBE7yel5MRdzg4pA8IaoMVgIl9cpitgLkvrrEHSUw-mpgCIeX7g&sai=AMfl-YRFhylkQM4SlKOtvQNPzKJCXRyIXK9JsUeOHWp5d12yRSD1WQutoZGDTLJU-Usf81rRK20HL3d5iZvEdTZgisUb84RdlKSAFCAynr0A26UZePPm5f-LlTp9X4Q&sig=Cg0ArKJSzJn-f9JlK30gEAE&cid=CAASJORolrIQskAyjKHs4XCAVbXJwJBD00bknjxWjpuNmERWalCUCQ&id=lidar2&mcvt=1029&p=23,315,277,1285&mtos=0,1029,1029,1029,1029&tos=0,1029,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3250874430&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664160294706&rpt=1048&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=8&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=1020721095
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78023
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=timing&_s=9&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=subject&utt=1318&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=1749349412
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78023
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:56 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
rum
dsum.casalemedia.com/ Frame 098C
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664246697
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664246697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a920bddc7705-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz0avayZ1Iu8KJQVRAcZKWhdNq6tDDewU36EVdL44i0rfJKJagprvJf%2FfQb9rF6kZBoDbF9A0NBYeoG19H0tIK%2FJw5MVye37WK67CvKMWNCOq%2FBLR4mVf1G2Ue8FGutrubJ68aIz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1664246697
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 098C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7066546449786629330&expiration=1665369897
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7066546449786629330&expiration=1665369897
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9211a264072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaZsZMk2RjbGYsAt4uhPPkn%2BB9uInyjoiF7CPd4F%2BCrGNdUTxDA4PvxkCX%2FU5T3TMl6b4cbTV2OmxXocrdny8rw26gvPPHaEZj6yKV45mxkmDc1QV5A8zEciqqO%2FxY95c6dY7acuixtM%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7066546449786629330&expiration=1665369897
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 098C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ctnVLnXY1Clp3IB7d9LLfnLT0ipp0tZ5IIh7cNe2
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ctnVLnXY1Clp3IB7d9LLfnLT0ipp0tZ5IIh7cNe2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92039cc4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txIgrlRuIcuCggDxh%2BjSKCIBIiKAsPlbSv975YhAW5F4D86TNae5e4CZUXMM9E8tlV9lUjDDjnbMn8AfyVAkisEr%2F0tPgWA2c%2BfkrxfBo7G74FlKk0XJNd1jWC3RpWhLmKz1j4X0sQbf7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ctnVLnXY1Clp3IB7d9LLfnLT0ipp0tZ5IIh7cNe2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge
cm.adgrx.com/ Frame 098C 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
dcm
s.amazon-adsystem.com/ Frame 098C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
Q9FDS7X08EVYF54T3VCW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9FSFM1EB41CYKDHZDFYD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 098C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a92039ea76d7-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FUi4ip0OUdwk9LXtb9BiemlVPx4q2PNzYB4hPLbXKfQpYt2pxjL0riLpUehcFMgfyFuxkIpYruluogVIKMUhZ9csafaSa426j89IH3YuGKRBVDtaxmL8mGFs4e03cxFwkxafta%2BB99wZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECnK2sNr-7PYJupbGtquzD8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 098C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e06623de-0cc7-408b-9e24-f0ac6c78182c&ssp=index&gdpr=&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e06623de-0cc7-408b-9e24-f0ac6c78182c&ssp=index&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e06623de-0cc7-408b-9e24-f0ac6c78182c&ssp=index&gdpr=&gdpr_consent=
Date
Mon, 26 Sep 2022 02:44:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 098C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7508a9217a4d4072-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1FOGo3TpVDb3APHR8KqgU2ddkSu3Bx%2BXXNjgLZtzArMtMRS6tcFMhIGT1%2BIqavS%2FRKn4EMWAg4onXIxFeJDWLLJhWRsiaBW9iLMDxMZgbV6u9KhWaf2HK13ZPEDnvcTzpB0rtqQnp1cNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WUQFSnbMxda4IAHvW_rp
Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
115
Content-Type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame 098C 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YzESJrEZEq9GDHQcFbh0DgAAEWkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7508a91feec871e7-LHR
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 64E8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57802
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 26 Sep 2022 18:48:18 GMT
usync.js
eus.rubiconproject.com/ Frame A7E9 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57802
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 26 Sep 2022 18:48:18 GMT
usync.js
eus.rubiconproject.com/ Frame CB84 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57802
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 26 Sep 2022 18:48:18 GMT
usync.js
eus.rubiconproject.com/ Frame 417E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57802
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 26 Sep 2022 18:48:18 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		425 KB
426 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
0c836b8d2d72a0e242dfb57e9f67303f8bab4807342eb3e8ad046d1c0315c45d

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=453832-889239

Response headers

Date
Mon, 26 Sep 2022 02:44:57 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 453832-889239/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
435408
Expires
Tue, 26 Sep 2023 02:44:57 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Mon, 26 Sep 2022 02:44:56 GMT
Expires
Tue, 26 Sep 2023 02:44:56 GMT
Server
nginx/1.16.1
ads
pubads.g.doubleclick.net/gampad/ Frame 6451 		156 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22587791099%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_subject_v_pre_1v&description_url=https%3A%2F%2Fsubject.com.ua%2F&tfcd=0&npa=0&correlator=2984497743952289&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fsubject.com.ua%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26medianet_ebda%3Dtrue%26openx_ebda%3Dtrue%26rubicon_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Fb2283a19-60a6-4311-902e-7eec0cd78924&sid=EA7065C2-787B-48F2-9CEC-B6926F01762F&nel=0&eid=44748969%2C44750822%2C44754420%2C44760950%2C44765701&dlt=1664160292506&idt=3468&dt=1664160296952&cookie=ID%3D25bba7b959468ccb%3AT%3D1664160293%3AS%3DALNI_MaheplET4PYONmwCPoMJcPPc6GEqA&cookie_enabled=1&scor=579821303207686&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0E14 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57802
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 26 Sep 2022 18:48:18 GMT
khaos.jpg
token.rubiconproject.com/ Frame 64E8 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame A7E9 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame CB84 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 417E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInWJ,pingTime:1,time:1359,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:289%7D,%7Bpiv:100,vs:i,r:,t:356%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:356,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:i,t:356,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:241,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d.10933%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b.2364d187-8cc3-fdb6-254f-f711c7ac0949.54_1168448-65593785%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262,sis:394%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInWJ,pingTime:1,time:1359,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:289%7D,%7Bpiv:100,vs:i,r:,t:356%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:356,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:i,t:356,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:241,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d.10933%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b.2364d187-8cc3-fdb6-254f-f711c7ac0949.54_1168448-65593785%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262,sis:394,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phInWK,pingTime:1,time:1360,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:289%7D,%7Bpiv:100,vs:i,r:,t:356%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:356,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:i,t:356,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:241,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d.10933%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b.2364d187-8cc3-fdb6-254f-f711c7ac0949.54_1168448-65593785%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262,sis:394,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
khaos.jpg
token.rubiconproject.com/ Frame 0E14 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 64E8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c57992b917a1c5de787b922c662fdf18
Content-Type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=10&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm_apac&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=1903380184
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78024
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame D929 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=9a71e037-7152-84de-7f76-e3969c7b3fc0&tv=%7Bc:phIo0h,pingTime:-10,time:992,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664160295782%7C%7C1accf2e463b8ffb830a9dd4c14bf6556%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ce23bb8522ee2902d1ad8f6cbaecd041e%7C%7C228a5d0fb9f8e22fcd113fba1f3d3f7f%7C%7C24f6d95f1a0451c6afd6d4caa086fed9%7C%7C6f433aac70258e5340231f8088ae7f21%7C%7Cc664c862cc0dd78321a7123b325974c7%7C%7C1663701684,sca:%7Bspg:2364d187-8cc3-fdb6-254f-f711c7ac0949%7D%7D
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ads
pubads.g.doubleclick.net/gampad/ Frame 6451 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F22100121508%2C22587791099%2FDFP_APAC_Parent_First_AdBreak%2Fellipsis_dfp_subject_v_pre_1&description_url=https%3A%2F%2Fsubject.com.ua%2F&tfcd=0&npa=0&correlator=1449409225908040&vpos=preroll&sz=288x162%7C300x250%7C400x300%7C419x236%7C640x360%7C640x480%7C1x1%7C800x450%7C444x250%7C635x357%7C640x360%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fsubject.com.ua%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26openx_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2401209937&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Fb2283a19-60a6-4311-902e-7eec0cd78924&sid=EA7065C2-787B-48F2-9CEC-B6926F01762F&nel=0&eid=44748969%2C44750822%2C44754420%2C44760950%2C44765701&dlt=1664160292506&idt=3468&dt=1664160297220&cookie=ID%3D25bba7b959468ccb%3AT%3D1664160293%3AS%3DALNI_MaheplET4PYONmwCPoMJcPPc6GEqA&cookie_enabled=1&scor=1966064411022408&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phIo0r,pingTime:-10,time:1589,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664160295782%7C%7C1accf2e463b8ffb830a9dd4c14bf6556%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ce23bb8522ee2902d1ad8f6cbaecd041e%7C%7C228a5d0fb9f8e22fcd113fba1f3d3f7f%7C%7C24f6d95f1a0451c6afd6d4caa086fed9%7C%7C6f433aac70258e5340231f8088ae7f21%7C%7Cc664c862cc0dd78321a7123b325974c7%7C%7C1663701684,sca:%7Bspg:2364d187-8cc3-fdb6-254f-f711c7ac0949%7D%7D
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		372 KB
372 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
4b5bdc8b09debc3ea3e777a7ea40f27569cc293a737084a9633917a37b4f09f5

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=889240-1269751

Response headers

Date
Mon, 26 Sep 2022 02:44:57 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 889240-1269751/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
380512
Expires
Tue, 26 Sep 2023 02:44:57 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Mon, 26 Sep 2022 02:44:57 GMT
Expires
Tue, 26 Sep 2023 02:44:57 GMT
Server
nginx/1.16.1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=11&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_adipologreeter&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=1395676250
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78024
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=subject.com.ua
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 6451 		71 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22691085319%2Fapl%2Fvdoapl%2FHardFloor_Z1_0.50_Tier1_Adipolo_8204&description_url=https%3A%2F%2Fsubject.com.ua%2F&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=524321357690905&vad_type=linear&ad_type=audio_video&vpa=click&vpmute=0&sdkv=h.3.532.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=3805818323&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.532.0&media_url=blob%3Ahttps%253a%2F%2Fsubject.com.ua%2Fb2283a19-60a6-4311-902e-7eec0cd78924&sid=EA7065C2-787B-48F2-9CEC-B6926F01762F&nel=0&eid=44748969%2C44750822%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fsubject.com.ua%2F&dlt=1664160292506&idt=3468&dt=1664160297502&cookie=ID%3D25bba7b959468ccb%3AT%3D1664160293%3AS%3DALNI_MaheplET4PYONmwCPoMJcPPc6GEqA&cookie_enabled=1&scor=1926666862387246&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a3d13b6af1c3c54bca2886ab80d1b013465c1ad8742fba178580b87eb5f0c6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15939
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		427 KB
428 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
284429ccdc89fd7a58c118e3a020b14fb1043aef938875036adf5026f5b406c9

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=1269752-1707227

Response headers

Date
Mon, 26 Sep 2022 02:44:57 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 1269752-1707227/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
437476
Expires
Tue, 26 Sep 2023 02:44:57 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Mon, 26 Sep 2022 02:44:57 GMT
Expires
Tue, 26 Sep 2023 02:44:57 GMT
Server
nginx/1.16.1
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
706e80e1827bcbca9cc47a9f35dc6a54025b35231e6042993d005af809d85443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11173
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 6ED8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=subject.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:57 GMT
server
Kestrel
server-processing-duration-in-ticks
766027
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 03FF 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3426953b-f948-4e62-b606-9abfd4ce29d9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6B6E 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8967eba5-0b71-4132-a73e-575b42c2cc7b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BA9D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
537d47a7-8d40-4f2b-b0d0-a2790dc6bb14
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 30EC 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ac9bb0b-56bd-424d-8e0d-3162d16e627d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3E91 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:57 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
58571ac8-05e9-4e24-853d-0f18b8eab0f3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		348 KB
349 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
773cc6770aff186c7b9f766d128a51a138acc3700723cc57779272fbceeba337

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=1707228-2063863

Response headers

Date
Mon, 26 Sep 2022 02:44:57 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 1707228-2063863/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
356636
Expires
Tue, 26 Sep 2023 02:44:57 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Mon, 26 Sep 2022 02:44:57 GMT
Expires
Tue, 26 Sep 2023 02:44:57 GMT
Server
nginx/1.16.1
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=subject.com.ua&bust=31069778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 02:44:57 GMT
sid
mug.criteo.com/ Frame 6ED8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=subject.com.ua&sn=ChromeSyncframe&so=3&topUrl=subject.com.ua&bundle=ePR3XF9TUHA5MWkxbHh3RlNjUEttZW91cWdQZWsxdG12cVY5R1JKZDAwSWRnJTJCRlYxJT...
  • https://mug.criteo.com/sid?cpp=G058LHxrcTNTRFhkMXZOUHBHTStrUktQODlOZmt1VWREWkNmOVJEYzgxaWFZdVMzcFFDRjlkRllVeitnK3IvckxqSWJySldTbGU0UlFZdXFFdzFYY2lMMU1WRUhmWXIwVHRLZVQ1OENTd3dicUR3aDAvQ09sTDJvRGdlZT...
422 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=G058LHxrcTNTRFhkMXZOUHBHTStrUktQODlOZmt1VWREWkNmOVJEYzgxaWFZdVMzcFFDRjlkRllVeitnK3IvckxqSWJySldTbGU0UlFZdXFFdzFYY2lMMU1WRUhmWXIwVHRLZVQ1OENTd3dicUR3aDAvQ09sTDJvRGdlZTJNWFVpNjY3NnRPTEhoQ21TbXVIMnFMcmJvL3hWMnlXYnpuQkRzbjF4RFlEYU01S09iaTkwNzJZWm5McjNZZnJUWC9DVHZCYVdsYndRc2FkSlRDWU56TWxyZzZ0VllvWVpYbjdyS1pEcmg1aUJOSVh6RGpzZDhLSkVlZmp4UFBZQVhsOEJWUXQ5eEVRak4vTlZINXVkSWNNOFJubG1SeUxiSTA5cUU1VXhKV3RFWWdMQ3hpRT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
18f880197e07cd16241bd13226e79090022d0a4e8bd84298a840998b6095b09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2384018
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=G058LHxrcTNTRFhkMXZOUHBHTStrUktQODlOZmt1VWREWkNmOVJEYzgxaWFZdVMzcFFDRjlkRllVeitnK3IvckxqSWJySldTbGU0UlFZdXFFdzFYY2lMMU1WRUhmWXIwVHRLZVQ1OENTd3dicUR3aDAvQ09sTDJvRGdlZTJNWFVpNjY3NnRPTEhoQ21TbXVIMnFMcmJvL3hWMnlXYnpuQkRzbjF4RFlEYU01S09iaTkwNzJZWm5McjNZZnJUWC9DVHZCYVdsYndRc2FkSlRDWU56TWxyZzZ0VllvWVpYbjdyS1pEcmg1aUJOSVh6RGpzZDhLSkVlZmp4UFBZQVhsOEJWUXQ5eEVRak4vTlZINXVkSWNNOFJubG1SeUxiSTA5cUU1VXhKV3RFWWdMQ3hpRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
624754
content-length
0
expires
0
prebid.js
tag.eu.dev2pub.com/ 		479 KB
479 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.eu.dev2pub.com/prebid.js
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
860a918cf8f248e936c6a50f30f8c7a58aa92393f054e00e35fb18e5cd5c43db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 02:44:57 GMT
Last-Modified
Fri, 16 Sep 2022 15:29:58 GMT
Server
nginx
X-IPLB-Request-ID
D98AC469:A6CC_335B3C26:01BB_63311224_14A46594:10DBE
ETag
"63249676-77ae3"
X-IPLB-Instance
42215
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
490211
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 194E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
11194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 23:38:23 GMT
expires
Mon, 25 Sep 2023 23:38:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E5D8 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ba687c6f17cc9bfadaf346de00ff1e997b366e2200c93bd4f12fd72a5c653b91
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZOARtfDV_MoWiUFq9efgCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ZOARtfDV_MoWiUFq9efgCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 02:44:57 GMT
expires
Mon, 26 Sep 2022 02:44:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ Frame 6451 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8i62mg0&c=6039425552057&slotId=3019712776028.5&qqid=CLH4ipu4sfoCFciQewod8JEHhg&gqid=KRIxY_2NIN23x_AP8KycmAQ&fb=ima_html5-lima&sdkv=h.3.532.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&ghmsh_eids=44748969%2C44750822%2C44754420%2C44760950%2C44765701&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&met.4=ghmsh_s.l8i62nw3~ghmsh_s.l8i62nw4&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=feC7PzdjIJ3360tg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400b:804::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 6451 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6869229806232676
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:36:19 GMT
x-content-type-options
nosniff
age
518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 03:26:19 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6451 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHUfSKRIxY_G_Isih7gPwo56wCND838Bs7p6urs8QsJAfEAEg3aCKfGC7hoCA0AqgAbaKrLwCyAEF4AIAqAMBmAQAqgT1AU_Q46mgwCpa3pb_wBlNG1gVh27KhSNmLW_8gvaik9Oqgh5sViC10LOOrbUonoofRVw4kkcREXCV41_Ex1hPYT83M6Iksaa2p_Yxk5A-yQBrFIIw1_FXLU_Rh8FerBppaMzMgkS_SzYQCIoBeR3zkTDJAnLwqnlPx8tXy-Ma-PHFJzNdggJsd7420s2d3eKG-Qc3aeuFYRsZ3tFi5tQ8DlrRA3RclEBJKTw9qxPII0nlbIgggDcQWsc33odZezXrCL2LDCNkrVStIlkgwxGkG-3PjGMk9yAtyD7qO91dFw0fVVh2B92AG8Qj9IjxO6UT7GS2zd9QwAT26JjHiQTgBAGgBlSAB7L108MBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECxCeT0yeTpbK5vgAoDmAsByAsB0AsOuAwB2BMNiBQC0BUB4hYCCAH4FgGAFwE&sigh=aOqAPVFmwWI&label=show_ad&sdkv=h.3.532.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MTA1OTQ0MTUxODIMNjIyMTU5NzE5MDc4QM0CUiMQDyUAAPBBKAE6C3BQZlhkaG9UbEZzQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 6451 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=ChRQGKRIxY_G_Isih7gPwo56wCND838Bs7p6urs8QsJAfEAEg3aCKfGC7hoCA0AqgAbaKrLwCyAEF4AIAqAMBmAQAqgTyAU_Q46mgwCpa3pb_wBlNG1gVh27KhSNmLW_8gvaik9Oqgh5sViC10LOOrbUonoofRVw4kkcREXCV41_Ex1hPYT83M6Iksaa2p_Yxk5A-yQBrFIIw1_FXLU_Rh8FerBppaMzMgkS_SzYQCIoBeR3zkTDJAnLwqnlPx8tXy-Ma-PHFJzNdggJsd7420s2d3eKG-Qc3aeuFYRsZ3tFi5tQ8DlrRA3RclEBJKTw9qxPII0nlbIgggDcQWsc33odZezXrCL2LDCNkrVSteliSqRmO-85dJtO7pa2y3v8baiOEowc3XHZu6wdpSjrwSaDdIw2HazY7wAT26JjHiQTgBAGgBlSAB7L108MBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCewh2oCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhi2iqy8AtgTDYgUAtAVAeIWAggBgBcBshceChwIABIUcHViLTI5MzA4MDUxMDQ0MTgyMDQYppN2&sigh=7sBtwexYBR4&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vt=10&sdkv=h.3.532.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MTA1OTQ0MTUxODIMNjIyMTU5NzE5MDc4QM0CUiMQDyUAAPBBKAE6C3BQZlhkaG9UbEZzQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
truncated
/ Frame 6451 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l8i62kmz&c=6039425552057&slotId=3019712776028.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400b:804::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6451 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.532.0&e=44748969%2C44750822%2C44754420%2C44760950%2C44765701&id=ima_html5&c=2310079935024809&domain=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phIobp,pingTime:1,time:2865,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1826%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1039,o:1826,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1821~0,0~100%5D,as:%5B1821~970.250%5D%7D%7D,%7Bsl:i,t:1826,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1038~100%5D,as:%5B1038~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:277,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c%7C1d.1042432-63102463,idMap:1b.54a67bd6-fc36-6154-efea-9d5bd2e5101e.32_10933%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:21,sis:154%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phIobq,pingTime:1,time:2866,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1826%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1040,o:1826,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1821~0,0~100%5D,as:%5B1821~970.250%5D%7D%7D,%7Bsl:i,t:1826,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:277,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c%7C1d.1042432-63102463,idMap:1b.54a67bd6-fc36-6154-efea-9d5bd2e5101e.32_10933%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:21,sis:154%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
videoplayback
rr5---sn-aigzrnsr.googlevideo.com/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-aigzrnsr.googlevideo.com/videoplayback?expire=1664189097&ei=KRIxY_S0Ldimx_APkrSEyAM&ip=2001:ac8:21:e::10&id=a4f7d7761a13945b&itag=22&source=youtube&requiressl=yes&mh=uX&mm=31&mn=sn-aigzrnsr&ms=au&mv=m&mvi=5&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.162&lmt=1664110212672037&mt=1664159819&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgUDvlW051wJvCDEHbkH3axuCOmUmzFm-MxEHzqA9ackcCIQCEBW-XOteMmY1gcC2bD6rHi82saQzY7hXmkSv-CMIrUQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAITi5T_7ZnGquEvPLf6WxkgENV3ROzZ0ci6mZz8bsyHaAiEA-MdAobeJpSUme-_yogCdfIu0IyDl_L-SH7pSHy3gfs0=&cpn=feC7PzdjIJ3360tg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:17::a London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
0016f18dad646b284282b035a3d2c2ce3d5c0bb6cfa590ae7cecac160458a373
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 26 Sep 2022 02:44:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 25 Sep 2022 12:50:12 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1936770/1936771
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1936771
Expires
Mon, 26 Sep 2022 02:44:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E5D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=3670890927833525&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 194E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ 		446 KB
446 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash
1b3880b4d7a8f4a2bc3824f8eaa69c4a65ee91d9010e2a3f925f5f28fb76b0f6

Request headers

Referer
https://subject.com.ua/
vdoai
true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=2063864-2520327

Response headers

Date
Mon, 26 Sep 2022 02:44:58 GMT
Last-Modified
Sat, 30 Jul 2022 00:37:11 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"62e47d37-cce09a8"
Content-Type
video/mp2t
Content-Range
bytes 2063864-2520327/214829480
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
456464
Expires
Tue, 26 Sep 2023 02:44:58 GMT
1648810245326246d905ebe51.ts
h5.vdo.ai/media_file/subject/source/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h5.vdo.ai/media_file/subject/source/uploads/videos/1648810245326246d905ebe51.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.79.20.94 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns566706.ip-51-79-20.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Mon, 26 Sep 2022 02:44:57 GMT
Expires
Tue, 26 Sep 2023 02:44:57 GMT
Server
nginx/1.16.1
d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f
api.eu.dev2pub.com/api/public/Dev2Pub/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0e5dc41f3d530c3677b9e0b9a413f7ea8535c2a2a282d267d2819c20553bdcd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:58 GMT
Server
nginx
X-IPLB-Request-ID
D98AC469:A6EE_335B3C26:01BB_63311225_14A5CC72:26F3B
Content-Length
2710
X-IPLB-Instance
42214
Content-Type
application/json; charset=utf-8
generate_204
tpc.googlesyndication.com/ Frame 194E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OCCQGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6451 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHUfSKRIxY_G_Isih7gPwo56wCND838Bs7p6urs8QsJAfEAEg3aCKfGC7hoCA0AqgAbaKrLwCyAEF4AIAqAMBmAQAqgT1AU_Q46mgwCpa3pb_wBlNG1gVh27KhSNmLW_8gvaik9Oqgh5sViC10LOOrbUonoofRVw4kkcREXCV41_Ex1hPYT83M6Iksaa2p_Yxk5A-yQBrFIIw1_FXLU_Rh8FerBppaMzMgkS_SzYQCIoBeR3zkTDJAnLwqnlPx8tXy-Ma-PHFJzNdggJsd7420s2d3eKG-Qc3aeuFYRsZ3tFi5tQ8DlrRA3RclEBJKTw9qxPII0nlbIgggDcQWsc33odZezXrCL2LDCNkrVStIlkgwxGkG-3PjGMk9yAtyD7qO91dFw0fVVh2B92AG8Qj9IjxO6UT7GS2zd9QwAT26JjHiQTgBAGgBlSAB7L108MBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECxCeT0yeTpbK5vgAoDmAsByAsB0AsOuAwB2BMNiBQC0BUB4hYCCAH4FgGAFwE&sigh=aOqAPVFmwWI&label=video_ad_loaded&sdkv=h.3.532.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MTA1OTQ0MTUxODIMNjIyMTU5NzE5MDc4QM0CUiMQDyUAAAxCKAE6C3BQZlhkaG9UbEZzQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 6451 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
488775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 20 Sep 2023 10:58:43 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 6451 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=ChRQGKRIxY_G_Isih7gPwo56wCND838Bs7p6urs8QsJAfEAEg3aCKfGC7hoCA0AqgAbaKrLwCyAEF4AIAqAMBmAQAqgTyAU_Q46mgwCpa3pb_wBlNG1gVh27KhSNmLW_8gvaik9Oqgh5sViC10LOOrbUonoofRVw4kkcREXCV41_Ex1hPYT83M6Iksaa2p_Yxk5A-yQBrFIIw1_FXLU_Rh8FerBppaMzMgkS_SzYQCIoBeR3zkTDJAnLwqnlPx8tXy-Ma-PHFJzNdggJsd7420s2d3eKG-Qc3aeuFYRsZ3tFi5tQ8DlrRA3RclEBJKTw9qxPII0nlbIgggDcQWsc33odZezXrCL2LDCNkrVSteliSqRmO-85dJtO7pa2y3v8baiOEowc3XHZu6wdpSjrwSaDdIw2HazY7wAT26JjHiQTgBAGgBlSAB7L108MBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCewh2oCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhi2iqy8AtgTDYgUAtAVAeIWAggBgBcBshceChwIABIUcHViLTI5MzA4MDUxMDQ0MTgyMDQYppN2&sigh=7sBtwexYBR4&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.532.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6451 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiRhqKRIxY_G_Isih7gPwo56wCND838Bs7p6urs8QsJAfEAEg3aCKfGC7hoCA0AqgAbaKrLwCyAEF4AIAqAMBmAQAqgTyAU_Q46mgwCpa3pb_wBlNG1gVh27KhSNmLW_8gvaik9Oqgh5sViC10LOOrbUonoofRVw4kkcREXCV41_Ex1hPYT83M6Iksaa2p_Yxk5A-yQBrFIIw1_FXLU_Rh8FerBppaMzMgkS_SzYQCIoBeR3zkTDJAnLwqnlPx8tXy-Ma-PHFJzNdggJsd7420s2d3eKG-Qc3aeuFYRsZ3tFi5tQ8DlrRA3RclEBJKTw9qxPII0nlbIgggDcQWsc33odZezXrCL2LDCNkrVSteliSqRmO-85dJtO7pa2y3v8baiOEowc3XHZu6wdpSjrwSaDdIw2HazY7wAT26JjHiQTgBAGgBlSAB7L108MBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw2IFALQFQHiFgIIAfgWAYAXAQ&sigh=GPpjouj0XK0&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30116%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1946%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D597606668%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1664160293629%26ptlt%3D1664160298118%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.18%26t%3D1664160297866&sdkv=h.3.532.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MTA1OTQ0MTUxODIMNjIyMTU5NzE5MDc4QM0CUiYQDyUAAAxCKAE6C3BQZlhkaG9UbEZzQglnb29nbGVhZHNI-gFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6451 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-Oz7ZkttvXTy9hGoUDGsCAYc7kah_VXNH-qB4jXYmJ69rgZmyHlq2wOfOVPU6d6_UB0n1gm4AwM7UIvZiOvY_0SCDrcAkpG_U2A_bNhKsrNtPbQKm2DEQn35KPuQEO1XwQ7jC0g&sai=AMfl-YQuY3hHFe9pV2bQuiBQpo_-XPIILMxQh53lU_WuGq_yuW3OLcZmHfqILJbgcyEhqY5qnadJCfyZGo0S85bEIfmInebz8m6Fm250XSHfQIbOWcIdBkmJscRPl7c&sig=Cg0ArKJSzGFvi2vumL6NEAE&cid=CAASF-RoVT6LIToOTOAcE4m9sMQGLrEpQtrr&id=lidarv&acvw=sv%3D935%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30116%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1946%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D597606668%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1664160293629%26ptlt%3D1664160298119%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1664160297866&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6451 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiRhqKRIxY_G_Isih7gPwo56wCND838Bs7p6urs8QsJAfEAEg3aCKfGC7hoCA0AqgAbaKrLwCyAEF4AIAqAMBmAQAqgTyAU_Q46mgwCpa3pb_wBlNG1gVh27KhSNmLW_8gvaik9Oqgh5sViC10LOOrbUonoofRVw4kkcREXCV41_Ex1hPYT83M6Iksaa2p_Yxk5A-yQBrFIIw1_FXLU_Rh8FerBppaMzMgkS_SzYQCIoBeR3zkTDJAnLwqnlPx8tXy-Ma-PHFJzNdggJsd7420s2d3eKG-Qc3aeuFYRsZ3tFi5tQ8DlrRA3RclEBJKTw9qxPII0nlbIgggDcQWsc33odZezXrCL2LDCNkrVSteliSqRmO-85dJtO7pa2y3v8baiOEowc3XHZu6wdpSjrwSaDdIw2HazY7wAT26JjHiQTgBAGgBlSAB7L108MBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw2IFALQFQHiFgIIAfgWAYAXAQ&sigh=GPpjouj0XK0&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30116%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1946%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D597606668%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1664160293629%26ptlt%3D1664160298120%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1664160297866&sdkv=h.3.532.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MTA1OTQ0MTUxODIMNjIyMTU5NzE5MDc4QM0CUiYQDyUAAAxCKAE6C3BQZlhkaG9UbEZzQglnb29nbGVhZHNI-gFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6451 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.532.0&e=44748969%2C44750822%2C44754420%2C44760950%2C44765701&id=ima_html5&c=2310079935024809&domain=subject.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6451 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CiRhqKRIxY_G_Isih7gPwo56wCND838Bs7p6urs8QsJAfEAEg3aCKfGC7hoCA0AqgAbaKrLwCyAEF4AIAqAMBmAQAqgTyAU_Q46mgwCpa3pb_wBlNG1gVh27KhSNmLW_8gvaik9Oqgh5sViC10LOOrbUonoofRVw4kkcREXCV41_Ex1hPYT83M6Iksaa2p_Yxk5A-yQBrFIIw1_FXLU_Rh8FerBppaMzMgkS_SzYQCIoBeR3zkTDJAnLwqnlPx8tXy-Ma-PHFJzNdggJsd7420s2d3eKG-Qc3aeuFYRsZ3tFi5tQ8DlrRA3RclEBJKTw9qxPII0nlbIgggDcQWsc33odZezXrCL2LDCNkrVSteliSqRmO-85dJtO7pa2y3v8baiOEowc3XHZu6wdpSjrwSaDdIw2HazY7wAT26JjHiQTgBAGgBlSAB7L108MBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw2IFALQFQHiFgIIAfgWAYAXAQ&sigh=GPpjouj0XK0&cmd=Ch1jYS12aWRlby1wdWItMjkzMDgwNTEwNDQxODIwNBAAGAI&label=admute&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26amtos%3D0,0,0,0,0%26mcvt%3D9%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D30116%26vmtime%3D-1%26dvs%3D9%26dfvs%3D9%26dvpt%3D9%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1946%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D597606668%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1664160293629%26ptlt%3D1664160298124%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,9,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1664160297866&sdkv=h.3.532.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3MTA1OTQ0MTUxODIMNjIyMTU5NzE5MDc4QM0CUiYQDyUAAAxCKAE6C3BQZlhkaG9UbEZzQglnb29nbGVhZHNI-gFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:58 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:58 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:58 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:58 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
logger
analytics.vdo.ai/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.0.253 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.0.108.65.clients.your-server.de
Software
openresty/1.19.9.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:58 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=12&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=video_loaded&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=455717327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78025
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=13&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview_match&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=1920187697
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78025
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=14&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview_match&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=106145460
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78025
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 6B37 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
212604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 15:41:34 GMT
expires
Sat, 23 Sep 2023 15:41:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 6B37 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:45:06 GMT
playback
s.youtube.com/api/stats/ Frame 6451 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44750822%2C44754420%2C44760950%2C44765701&el=adunit&cpn=feC7PzdjIJ3360tg&docid=pPfXdhoTlFs&visitordata=CgtySjE0Z2J3NzZadw%253D%253D&ver=2&cmt=0.199&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fsubject.com.ua%2F&len=30.116&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=99.0.4844.51&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::65 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B37 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.532.0&bgai=BTpoxKRIxY_G_Isih7gPwo56wCAAAAAA4AboFEwi9xoibuLH6AhXd2xEIHXAWB0M&bg=!3d6l3prNAAYIxsuQKMY7ACkAdvg8Whi8q9aOEASI2SHDiAK-b5NLSjHfhiqZJ8YdwHvHfh9JcplvhgIAAABXUgAAAAJoAQeZAkx3FRooIMJu3wz6Yk3ZhPHixHmJIthhRd_qZyUdgRAcnh71GJ-ZFdNpUzdgN9PNOqIcWyGcZVL_UPfcQaV8uQ238JUdIEppC-Z2mHYR1b1ABcKSrbDMi_5a8JyIB2qonFlB_6I_ZAfRsKV7kl_-y1PHVnjJnlmkmflo7j0N2OWxciWr2DtvI8L16INmhiPX1kGby9eVCcxqtt4ctlf9VxJ9ixDkQfspoL5SdFZ-rDXtNkTkpKUqO7jF57zwV52Lzfx4p6PAQZBA5tI5BFbZPJ1gfTvlCH5P1bP75bHPmgVcxczX1TLUGGcsEbCmH_0uc5QOiiTFLIoaiNR98YCYRpo44GZA4438Aj9QeKBvUzONbQejpfzTWTL2aHN4r76fDMC-E83TyheFp2Tf8M7dexlKhZQ6RjXAJRez5FkO8iIXwxtMDUSQcGfddlz-PaVsJMxsGuBoPjtBz29a4aWy2ub71B5n3g-KyOM9xsVHdcGMnQZwV3Afgidode5L4qrUSSt5sia7bfjTo00Pw534-FWMKYgPWVCshj-Ci9QnYyu1gx0A93sPWchwkBpCf31bTvRwrZSpYaD5TE5jd9ScYGjtKkRUptrjna7por-fuumBf8UTVuj-GRzZnsnAbzl0j-zLT9d1geE7gBBRF_J1AOTmswh0br_pSnH8OxfAcLlsLogCLKSoG1jI6QzZ9IigYIzvY71LyIG2c6WFbJ27cLe5j8e7fVF3mZkImp_srnPlyGUNuSX4bRLvo5qGQmQ5T_kIrt-0rvgyIn4NagU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=3670890927833525&bg=!MzClMHTNAAYIxsuQKMY7ACkAdvg8WuzijABkGZkJLmsjzobXS3OwjMpaUvb-kEwWuucqt75Aqx-oNQIAAABbUgAAAAloAQeZApr-FOqWzZYsXiBQkjsTo8XDCZAv1LHT0jNEPyjDQJu-I3BPeu1mUkbEzg2fxkclspX4Yn0VZK2-x1kO3Y_87zGB3WIPsia9ptE7Pzq9OB55UL2h08EWPyUBKdhwxwSlWgmin-IHUBbBuVRVcs90LA_dxaSlW18WS4-Hzv0LjVtdUpmqaZonDQnljW59VP04qEj7Oalqq_P3UnYEsKDZ9L6RPNIBW2lVRi-v0k2kRPLNoMfZvcGg27WLBR1ZTFq9Cveqx6hI6Ve1t4U1Xti37vGh3SQSo96GYGLlbZ5SkvY_tgr7Bwm5XzNzj6XIRYsKVoi3bFmLDlZMM0T4dNqYszfYL_Hjd9bqy1YbL9fHJycHxDJRJkGzZ-3HlFIahxbaB5G4iirEhNjlon7cjz_SNnoNLpiJFE8r701-o9032YM6jLisfH98NyqROw0KUxjUYSWBwfAEWTbMNwT3xbbnzC-NOiPM1xfVSDQkOz0tR-ALrIf6HAgtWfSNBWRlexPeGWWAWGo-4-bMNVwWEykGun_zdkha2NMZUX1Iao3Qh69tFT9oZ18VcXrrJub8f-8PceHMGFPkFK0y6vXd3aTUgJViLUleoR74_AXY8cdddpq6X_sRu5l93Eq0MFcZ1UG0lajpQLaEcRs4a74onYeYHU62s7O2MZRJBOH3vVF-trMeM-AjOWOwkIGoXrnsUuzepEYIXx9CYJGPDXFf3Q0TPi5TaAQbXGOiQYaNzQ4fum4EEvPmXEbX4xc-obFkjlVLKlYk5DNHMNiuEl2YihGCyhakRzbtDJhdyvjoW03W9xAgSLPHmjfL4NBWKiU9Sh8xBxlu4xLjDeCOeNWxGl0JwPMxX0-FUixY2EpX1lsiEA_rmnOvT378Dy_C09c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~l8i62nxl&c=6039425552057&slotId=3019712776028.5&met.4=hvd_lc.l8i62nxl~hvd_ad.l8i62nxl~hvd_mad.l8i62nxl~hvd_admu.l8i62nxl~hvd_src.l8i62nxl&ps=800x450
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400b:804::2003 Highland Park, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1421012
x-amz-request-id
txcc7faac0727e4d07a2318-00631b6357
x-amz-id-2
txcc7faac0727e4d07a2318-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7exg3KB%2F%2FTgnT8nwMKDgmhmtm2Kbd4VdHBSFSfAhYmoYhgUAnalgVBCKASCDmjlEGl2vfvxHrwojqB7XWTrg1Liq9Cw4cZQIn2A0H%2FheTMeo6fwjI%2FJ8jQr0WirpCYILOPdX5W1Dw%2BC%2B8dp5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
7508a92dadb7755e-LHR
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://subject.com.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 26 Sep 2022 02:44:59 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
fastlane.json
fastlane.rubiconproject.com/a/api/ 		373 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39536&zone_id=1078218&size_id=10&alt_size_ids=17%2C32%2C54%2C67&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,74458,1,,,&eid_criteo.com=HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE%5E1&rf=https%3A%2F%2Fsubject.com.ua&kw=Education&tg_i.ref=https%3A%2F%2Fsubject.com.ua%2F&tg_i.page=https%3A%2F%2Fsubject.com.ua%2F&tg_i.domain=subject.com.ua&tg_i.siteid=94876&tk_flint=pbjs_lite_v6.24.0-pre&x_source.tid=ad5881ff-22d0-4262-9d8b-e682b086d53d&l_pb_bid_id=2b1df2326b043e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6926213694417271
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c2734446c735a16bceeffa8fa0a9473247bbcfe8ac1b4d7ad7c7e8259c97a5cf

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:59 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
373
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:59 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b2da165ea72b5cd8aef4ad146754e385427b0121055ee9a8d36c59c9e85056e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 02:44:59 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d7b27f8e-4fb9-4c57-be70-9da69c7b1d4d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://subject.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://subject.com.ua
Access-Control-Allow-Credentials
true
ROS
pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/subject.com.ua/ROS?rnd=0.7768029918170243&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb...
  • https://pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.7768029918170243&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24...
508 B
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.7768029918170243&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_criteoId=HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE&e_pubProvidedId=%255B%255D&e_pubcid=bf4fc228-2d77-45c2-aebd-998e30fd76fb&e_uid2=%257B%2522id%2522%253A%257B%2522criteoId%2522%253A%2522HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE%2522%257D%257D
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c3d86860afcaaebe347cbeb1257e2c2e4816c939f5d66e81e892e9d770a6d54f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:59 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://subject.com.ua
expires
Mon, 26 Sep 2022 02:44:59 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
508
x-sid
AMS-929

Redirect headers

date
Mon, 26 Sep 2022 02:44:59 GMT
server
openresty
access-control-allow-origin
https://subject.com.ua
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2a156/1/subject.com.ua/ROS?ct=1&r=pbjs&rnd=0.7768029918170243&e=26323%3A300x600%2C240x400%2C250x360%2C300x1050%2C320x480&ur=https%3A%2F%2Fsubject.com.ua%2F&pbv=6.24.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsubject.com.ua%2F&e_criteoId=HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE&e_pubProvidedId=%255B%255D&e_pubcid=bf4fc228-2d77-45c2-aebd-998e30fd76fb&e_uid2=%257B%2522id%2522%253A%257B%2522criteoId%2522%253A%2522HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE%2522%257D%257D
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-929
adjson
ads.betweendigital.com/ 		2 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
ww1097.smartadserver.com//prebid/ 		171 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com//prebid/v1
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:58 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://subject.com.ua
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
prebid.smilewanted.com/ 		0
0
adjson
ssp.otm-r.com/ 		2 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=240&h=400&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=221500d2fcdca4b&transactionid=ad5881ff-22d0-4262-9d8b-e682b086d53d&auctionid=b4700986-8ea3-4780-a859-d3972375a7dd&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.106.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.106.201.195.clients.your-server.de
Software
nginx/1.15.9 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
server
nginx/1.15.9
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=250&h=360&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=221500d2fcdca4b&transactionid=ad5881ff-22d0-4262-9d8b-e682b086d53d&auctionid=b4700986-8ea3-4780-a859-d3972375a7dd&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.106.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.106.201.195.clients.your-server.de
Software
nginx/1.15.9 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
server
nginx/1.15.9
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=600&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=221500d2fcdca4b&transactionid=ad5881ff-22d0-4262-9d8b-e682b086d53d&auctionid=b4700986-8ea3-4780-a859-d3972375a7dd&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.106.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.106.201.195.clients.your-server.de
Software
nginx/1.15.9 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
server
nginx/1.15.9
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=300&h=1050&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=221500d2fcdca4b&transactionid=ad5881ff-22d0-4262-9d8b-e682b086d53d&auctionid=b4700986-8ea3-4780-a859-d3972375a7dd&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.106.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.106.201.195.clients.your-server.de
Software
nginx/1.15.9 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
server
nginx/1.15.9
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
adjson
ssp.otm-r.com/ 		2 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=0&w=320&h=480&domain=subject.com.ua&l=https%3A%2F%2Fsubject.com.ua%2F&s=32339&cur=RUB&bidid=221500d2fcdca4b&transactionid=ad5881ff-22d0-4262-9d8b-e682b086d53d&auctionid=b4700986-8ea3-4780-a859-d3972375a7dd&bidfloor=0
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.106.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.106.201.195.clients.your-server.de
Software
nginx/1.15.9 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
server
nginx/1.15.9
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
prebid
mp.4dex.io/ 		114 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601370f41005a0546982a2b98ed4227c239c8cc7d30815486ac5842d19db42e7

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
7508a92dd8e0dd27-LHR
pragma
no-cache
date
Mon, 26 Sep 2022 02:44:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: 26323
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subject.com.ua
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
x-err
Shapings: no adunits with size and seat and mapping
pb
ad.360yield.com/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.171.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-171-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:59 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
c
prebid.a-mo.net/a/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subject.com.ua
date
Mon, 26 Sep 2022 02:44:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
3
vary
origin, Accept-Encoding
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 02:44:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554730
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx2474e230b96f450b81d26-00631b6374
x-amz-id-2
tx2474e230b96f450b81d26-00631b6374
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AkNqppBKfESJusWYPbz2A2mUL5DK%2FqhgS8b64datWOQ%2FmRkoIQHFB1RTNhlm02eW8TUiAPHub%2F%2B020Y1W5FWASVVWdRAydItfx1n1OJ5jylQ0Z89p6MI2WxUC9gkKXTjVYccB6%2BIAjd8cmP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
7508a92e5808dd76-LHR
access-control-allow-headers
Authorization
/
api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/
Requested by
Host: tag.eu.dev2pub.com
URL: https://tag.eu.dev2pub.com/dev2pub.js?id=%27d7ea7cd7-47fc-4e51-b21e-8bb9117d9e5f%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:59 GMT
Server
nginx
X-IPLB-Request-ID
D98AC469:A6EE_335B3C26:01BB_6331122B_14A5D1DA:26F3B
Content-Length
0
X-IPLB-Instance
42214
/
api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.eu.dev2pub.com/api/public/Dev2Pub/SendAdDisplay/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.60.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subject.com.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Date
Mon, 26 Sep 2022 02:44:59 GMT
Server
nginx
X-IPLB-Instance
42214
X-IPLB-Request-ID
D98AC469:A6EE_335B3C26:01BB_6331122A_14A5D088:26F3B
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=251655650&t=event&_s=15&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=impression_video&el=subject&_u=SACAAUABC~&jid=&gjid=&cid=2035559868.1664160293&tid=UA-113932176-40&_gid=2021730375.1664160293&gtm=2ou9l0&z=1675000538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Sep 2022 05:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78027
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6451 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-Oz7ZkttvXTy9hGoUDGsCAYc7kah_VXNH-qB4jXYmJ69rgZmyHlq2wOfOVPU6d6_UB0n1gm4AwM7UIvZiOvY_0SCDrcAkpG_U2A_bNhKsrNtPbQKm2DEQn35KPuQEO1XwQ7jC0g&sai=AMfl-YQuY3hHFe9pV2bQuiBQpo_-XPIILMxQh53lU_WuGq_yuW3OLcZmHfqILJbgcyEhqY5qnadJCfyZGo0S85bEIfmInebz8m6Fm250XSHfQIbOWcIdBkmJscRPl7c&sig=Cg0ArKJSzGFvi2vumL6NEAE&cid=CAASF-RoVT6LIToOTOAcE4m9sMQGLrEpQtrr&id=lidarv&acvw=sv%3D935%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D329,404,779,1204%26tos%3D2050,0,0,0,0%26mtos%3D2050,2050,2050,2050,2050%26amtos%3D0,0,0,0,0%26mcvt%3D2050%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2050%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D624%26pst%3D418%26dur%3D30116%26vmtime%3D1797%26dtos%3D2050%26dtoss%3D1%26dvs%3D2041%26dfvs%3D2041%26dvpt%3D2041%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1946%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D597606668%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1664160293629%26ptlt%3D1664160300166%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2050,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1664160297866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:45:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=54a67bd6-fc36-6154-efea-9d5bd2e5101e&tv=%7Bc:phIoZf,pingTime:5,time:5359,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:289%7D,%7Bpiv:100,vs:i,r:,t:356%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5003,o:356,n:289,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,1~0%5D,as:%5B43~970.250%5D%7D%7D,%7Bsl:o,t:289,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~970.250%5D%7D%7D,%7Bsl:i,t:356,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:191,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.10933%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d.10933%7C1d1%7C1d2%7C1d3%7C1e%7C1f,idMap:1b.2364d187-8cc3-fdb6-254f-f711c7ac0949.54_1168448-65593785%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:262,sis:394%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:45:01 GMT
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phIpdk,pingTime:5,time:6828,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1826%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:1826,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1821~0,0~100%5D,as:%5B1821~970.250%5D%7D%7D,%7Bsl:i,t:1826,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c%7C1d.1042432-63102463,idMap:1b.54a67bd6-fc36-6154-efea-9d5bd2e5101e.32_10933%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:21,sis:154%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:45:01 GMT
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9814 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1168448&asId=2364d187-8cc3-fdb6-254f-f711c7ac0949&tv=%7Bc:phIpdm,pingTime:5,time:6830,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1826%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5004,o:1826,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1821~0,0~100%5D,as:%5B1821~970.250%5D%7D%7D,%7Bsl:i,t:1826,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5003~100%5D,as:%5B5003~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tivl0dk+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.1168448-65593785%7C1b1%7C1b2%7C1c%7C1d.1042432-63102463,idMap:1b.54a67bd6-fc36-6154-efea-9d5bd2e5101e.32_10933%7C1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:21,sis:154%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d3d:c825:22bf:b320 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 02:45:01 GMT
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| admixerML object| adsbygoogle function| gtag object| dataLayer number| 2f1acc6c3a606b082e5eef5e54414ffb object| __gcse object| AdSlotCollection object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga boolean| __isGoogleAllowed object| googletag object| pbjs325474 function| _ object| animationLoad boolean| d2pLoaded function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| admixerJSONP function| HELPER object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId object| gaplugins object| gaData object| hb_dmx_res undefined| debugScript string| vdo_analyticsID function| vdo_analytics function| logPixel object| requestObject function| logError object| w_vdo object| d_vdo object| vdo_ai_ number| googleNDT_ number| googleAltLoader object| google_image_requests object| google_llp object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent boolean| vdoHlsUrl function| vdo_ga function| initVdo object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| vttjs function| WebVTT function| vdo_videojs object| pbjs_vdoChunk object| pbjs_vdo object| mnet string| nobidVersion object| nobid string| vdo_lastLocation object| closure_lm_183325 object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| closure_lm_38010 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| GoogleGcLKhOms object| d2ppbjsChunk object| d2ppbjs object| sas object| apntag object| _ADAGIO

87 Cookies

Domain/Path Name / Value
.subject.com.ua/ Name: _sharedID
Value: c134d26a-f037-49c3-bcce-c4e33cbfb930
subject.com.ua/ Name:
Value: store.test
.subject.com.ua/ Name: _ga
Value: GA1.3.2035559868.1664160293
.subject.com.ua/ Name: _gid
Value: GA1.3.2021730375.1664160293
.subject.com.ua/ Name: _gat_gtag_UA_1099121_7
Value: 1
.adnxs.com/ Name: uuid2
Value: 6917600745892463824
.quantumdex.io/ Name: uid
Value: 979c802c-7b01-4a44-91b2-8c01f9dba850
.subject.com.ua/ Name: _gat_gtag_UA_113932176_40
Value: 1
.subject.com.ua/ Name: __gads
Value: ID=25bba7b959468ccb:T=1664160293:S=ALNI_MaheplET4PYONmwCPoMJcPPc6GEqA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMPS
Value: 4457
.ctnsnet.com/ Name: cid_79b6c58ffb554960a5a3d2ceb7ce6f0a
Value: 1
.ctnsnet.com/ Name: gid_CAESENmR2cAqhv31p7g9KVeNz8k
Value: 1
.quantserve.com/ Name: mc
Value: 63311226-6fd38-a6945-80fdb
.casalemedia.com/ Name: CMID
Value: YzESJrEZEq9GDHQcFbh0DgAA
.casalemedia.com/ Name: CMPRO
Value: 4457
.yieldmo.com/ Name: yieldmo_id
Value: g3c4b5afe42845700fb7%7C1664160294487%7C0%7C
.bidswitch.net/ Name: tuuid
Value: e06623de-0cc7-408b-9e24-f0ac6c78182c
.bidswitch.net/ Name: c
Value: 1664160294
.bidswitch.net/ Name: tuuid_lu
Value: 1664160294
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&f5eeebfa-a351-415e-8d8f-4475d2aa5137"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjQxNjAyOTQ7MjswMjEm0aavu7s+GRIcHaQHz6s0EEeRVclyIXBtYeJysNQXJQ==
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2517:u=1:x=1:i=1664160294:t=1664246694:v=2:sig=AQH3waTRz2EKU4CtBKHb4Z_ZQdJRdOr4"
.bidswitch.net/ Name: google_push
Value: AZmPxg-3_n2RnDb5n1PxiVbtTBdZt2GyieZ2dqR0McIdmJ60b4Hfl5MoLUxJDXDa01TGcOZbPK6xv4WBqPFKGzED34EaG9i8NHmS0Q
fksnk.com/ Name: AWSALBCORS
Value: tIqULvEtpL55/QkQAI6i3QZqV+4Y1E7UrTQrbSLsvUkqd18qAM6lrUz2jPs1fRkEA9dJ4CdaG9oOWL0GQOiWAZH8kEzVGaab7Le6od5C7DxI/HJQQH/p5hVdIE6g
.fksnk.com/ Name: f_001
Value: B792D330CF3E1AE8
.fksnk.com/ Name: g_001
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUl7G5pWsnMvzKFgT80yHdbsrhz3cKRQu67RPinrLZ15MylAat_-9nn7sx3hS3g
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?c:+wra!A#G'.TOKKnyW<U1`VROYQM-:U[ue/a]CF0@1NB2^zxs$ZQliRHV1*O/yHVU<QG=%9sk@3@'s>T.H+Ct
.youtube.com/ Name: YSC
Value: lzhKkkb0Bhc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: nU4ykCD2LkI
.agkn.com/ Name: ab
Value: 0001%3ARkmTQLU5iYRfR4rqiVdlk%2FFR0DlWMS3U
.3lift.com/ Name: tluid
Value: 2102401811545635876051
.360yield.com/ Name: tuuid
Value: 11336d94-1ebf-482b-8917-eba294f2c4e2
.360yield.com/ Name: tuuid_lu
Value: 1664160295
.yandex.ru/ Name: yuidss
Value: 7167978151664160296
.yandex.ru/ Name: yandexuid
Value: 7167978151664160296
.agkn.com/ Name: u
Value: C|0EAAqw86nKsPOqAAAAAABAgAHAAAAAAGja7D__x4AAAAAABDqNAAAAAAUZPezAAAAAAp34EcAAAAAH98pawAABwAAAAABqBXE__8eAAAAAAAQ6jQAAAAAFAbadQAAAAAKVd6DAAAAAB-wBxgA
.adfarm1.adition.com/ Name: UserID1
Value: 7147514046629869720
subject.com.ua/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-26T02%3A44%3A56%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBCgSMWMCECqeSCZ-aZEh1-uKvxoUiqYFEgEBAQFjMmM6YwAAAAAA_eMAAA&S=AQAAAktHMgOdovNfl5ZR4Ef9L7o
.de17a.com/ Name: guid
Value: 1.3959854044544725580
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2a8c9f64-b67b-4eab-bb59-792ae37e9ec9-003%22%7D
a-prebid.vidoomy.com/ Name: SSCookie
Value: 1
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2OTE3NjAwNzQ1ODkyNDYzODI0IiwiZXhwaXJlcyI6IjIwMjItMTAtMTBUMDI6NDQ6NTYuNDgzMzI0NjQyWiJ9LCJ2ZXJpem9ubWVkaWEiOnsidWlkIjoieS1nTkJDcDlaRTJ1SHlxM0ZWNUxTWFE1XzdtNDU2UEQyeEdCNXdEQ0UtfkEiLCJleHBpcmVzIjoiMjAyMi0xMC0xMFQwMjo0NDo1Ni41OTUzMDczMjVaIn19LCJiZGF5IjoiMjAyMi0wOS0yNlQwMjo0NDo1Ni40ODMzMTc4MTNaIn0=
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2a8c9f64-b67b-4eab-bb59-792ae37e9ec9-003%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImUwNjYyM2RlLTBjYzctNDA4Yi05ZTI0LWYwYWM2Yzc4MTgyYyIsImV4cGlyZXMiOjE2NjY3NTIyOTZ9fX0=
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.betweendigital.com/ Name: tuuid
Value: 9d278200-bc40-520d-945b-be3af76aac12
.zemanta.com/ Name: zuid
Value: WUQFSnbMxda4IAHvW_rp
.betweendigital.com/ Name: ut
Value: YzESKAAL8piifcJc5CAohP5qCxbaRD4EcFY79Q==
.analytics.yahoo.com/ Name: IDSYNC
Value: "195v~27de:192w~27de:175w~27de"
.quantserve.com/ Name: d
Value: ECIBEAGYJ4EK_fsQ
.mathtag.com/ Name: uuid
Value: 0a116331-1228-4d00-bbfb-d71d749eeb74
.turn.com/ Name: uid
Value: 3641602523547046308
.subject.com.ua/ Name: cto_bidid
Value: HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE
.demdex.net/ Name: demdex
Value: 11143476596981284092234136358086800755
.w55c.net/ Name: wfivefivec
Value: QArlPZha1OCE775
.dpm.demdex.net/ Name: dpm
Value: 11143476596981284092234136358086800755
.w55c.net/ Name: matchcasale
Value: 5
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7066546449786629330
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-10af90a8-69e3-3789-b600-089a26852cd1
.casalemedia.com/ Name: CMTS
Value: 4364
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A2vEp5R3qkKwrlU8B3wY4cY
.criteo.com/ Name: uid
Value: 9f726c9b-faf7-4aa6-8212-ff6de6aba790
.subject.com.ua/ Name: cto_bundle
Value: frXZvV9TUHA5MWkxbHh3RlNjUEttZW91cWdHYjU0OXRkMWRmdmJJMHRlVXI0c1NlcFVtV0RqNDZkakRBcXNOQU94UVQwWkhQVlByc0hXVjdvYmxxZ0dZQ3R6UDlHRXpCNjBJcGxzeSUyQndzdW5mbkR2JTJGdUpTRnh6YTNGWnFGZjNVUVNKWk9Od2FhSG54QzN0ZmwzS2dTYmolMkI5OHclM0QlM0Q
subject.com.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
subject.com.ua/ Name: undefined
Value: %7B%22criteoId%22%3A%22HPnI9182dFdDUHoyczY1dnI2UCUyQnRZcEUlMkZBSndISFYlMkZOc1hzc3RwaUhEbUR3NXF6MFhaYVM3aTU4V29ia2NqSDZSWiUyRlEzMzNDMFBURHJ1czV2NW9Ka0tJQ1ZnJTNEJTNE%22%7D
.subject.com.ua/ Name: pubCommonId
Value: bf4fc228-2d77-45c2-aebd-998e30fd76fb
.adnxs.com/ Name: icu
Value: ChgIjfJbEAoYAiACKAIwpaTEmQY4AkACSAIKGQjx04ABEAoYASABKAEwq6TEmQY4AUABSAEQq6TEmQYYAg..
.prebid.a-mo.net/ Name: __amc
Value: 3_1664160293_1664160299
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AM7S5mvCqAx6dKNU
.otm-r.com/ Name: mpid
Value: NjMzMTEyMmIwYTNmNmZhYw==
.rubiconproject.com/ Name: khaos
Value: L8I62OZ9-21-I4YJ
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Eh4VjpNsa5ncVqbBgMWySGKoH1GQZR6kujBA4jZAWRur57iENsHCEGic8eaUYYwigWHxUFRJZfD4YAXuoDlYL8AqYG1CpndbK8=

11 Console Messages

Source Level URL
Text
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15123317543869618983/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
security error URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5605097281663783594/index.html".
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMmRCQLsoNUk5vg3BZLI9xo&google_cver=1&google_push=AZmPxg9I8fqqOMVCVm8Vdwn2APDV1LI4jcTfeMtT_yyBXPbGd_V3FUYYvZKa4UkeM_ij6U29Z7CSUT_FZl9c0oq1aaAeIbhFEJi_Bg
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7190496471749427572/index.html".
security error URL: https://3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/18249157524192948938/index.html".
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAh9voZGo3J5IUtFncC6lWo&google_cver=1&google_push=AZmPxg-LFyS80GHJ81b9zxEq893mIqB9RgVoMS2EZFJOsbP8lbPM21uoFrKj83sI8enfcaRVo_Yw5ov78UN71Cm1M2Qntbs0MNU
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript error URL: https://subject.com.ua/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://subject.com.ua' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e9a5eca38fdecb31d74d8d8d2f36244.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.vdo.ai
a.vidoomy.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
an.yandex.ru
analytics.vdo.ai
ap.lijit.com
api.eu.dev2pub.com
b1h.zemanta.com
b1sync.zemanta.com
bidder.criteo.com
c1.adform.net
casale-match.dotomi.com
cdn.admixer.net
cdn.jsdelivr.net
clients1.google.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
cms.quantserve.com
cse.google.com
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.agkn.com
d.vidoomy.com
d5p.de17a.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
h5.vdo.ai
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
odr.mookie1.com
onetag-sys.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
pubads.g.doubleclick.net
px.ads.linkedin.com
rr5---sn-aigzrnsr.googlevideo.com
rtb.adxpremium.services
s.ad.smaato.net
s.amazon-adsystem.com
s.youtube.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssp.disqus.com
ssp.otm-r.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
subject.com.ua
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.mathtag.com
sync.quantumdex.io
sync.taboola.com
sync.targeting.unrulymedia.com
tag.eu.dev2pub.com
targeting.vdo.ai
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
prebid.smilewanted.com
104.18.18.126
124.146.215.48
13.248.245.213
135.125.160.77
141.226.228.48
142.250.185.162
142.250.186.130
147.75.85.234
148.251.44.111
151.101.130.49
162.19.138.116
172.217.16.198
172.64.105.3
178.250.2.131
178.250.2.146
18.156.0.31
18.157.92.103
18.209.184.69
185.172.90.252
185.183.112.148
185.184.10.30
185.184.8.90
185.29.132.241
185.64.189.112
185.86.137.17
185.89.210.20
185.89.210.82
188.42.196.115
195.201.106.117
198.47.127.19
2001:678:cb4:bbbb::11
212.77.98.32
212.77.99.29
213.155.156.167
213.19.147.45
216.52.2.19
23.205.235.133
23.35.228.23
23.35.236.188
23.35.236.201
23.75.240.210
2600:1f13:800:7780:d3d:c825:22bf:b320
2600:9000:223c:b600:6:b871:4f00:93a1
2600:9000:223f:c400:1b:5138:8a40:93a1
2600:9000:223f:e200:8:48e:53c0:93a1
2600:9000:225e:2600:11:a4de:2580:93a1
2602:803:c003:200::21
2606:4700:10::ac43:2ac9
2606:4700:20::681a:9a9
2606:4700::6810:5714
2606:4700::6812:272
2606:4700::6813:ad6c
2607:f8b0:400b:804::2003
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4009:17::a
2a00:1450:400c:c00::9b
2a00:1450:400c:c0c::65
2a00:1450:400d:80a::2008
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8::90
2a02:fa8:8806:20::2010
2a03:90c0:41:2801::254
2a05:d018:d29:3605:81f0:8432:14d1:181d
3.126.157.114
3.127.18.59
3.33.220.150
31.131.26.2
34.241.142.170
34.243.140.211
34.95.81.168
34.98.67.61
35.157.16.92
35.159.6.67
35.186.193.173
37.157.4.24
37.157.4.29
37.157.6.247
50.16.244.213
50.31.142.31
51.79.20.94
51.89.9.254
51.91.60.38
52.208.171.50
52.210.103.234
52.213.71.221
52.214.209.49
52.222.214.2
52.46.130.91
63.251.232.165
64.74.236.63
65.108.0.253
66.155.71.149
69.173.144.139
69.173.144.165
8.43.72.97
85.114.159.118
99.81.148.45
0016f18dad646b284282b035a3d2c2ce3d5c0bb6cfa590ae7cecac160458a373
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0a2b9f6ab766b454c356c10dd2c1f324db0c451345cd3f3c4f89a5a31dd96b20
0b19e3558f61d77fefde0bdf7f62db03dc3ccd78fceea8e1bf89762d1c81127c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c836b8d2d72a0e242dfb57e9f67303f8bab4807342eb3e8ad046d1c0315c45d
0d5fad4eaf43197bd1a013863815cb39fc56a3ce2332a93f518e7bd77154c3a3
0e5dc41f3d530c3677b9e0b9a413f7ea8535c2a2a282d267d2819c20553bdcd8
0f74c6caba42a81bdad72569c74774db1d2151c53f9accd5eb6a9fb96169588a
11709f83e24dd40367518e0af07133fb6d4626f65b276ae95fb86a69b1e80010
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
17dfed468736a55371fbebb6e1927ee32d3e9051bdebdf8dd81c7deb8afa4233
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f880197e07cd16241bd13226e79090022d0a4e8bd84298a840998b6095b09f
197f78b3a280ec5bc36af9031a7008bee1982b9d7bfbbb71ad40e0cec3979ccc
1b3880b4d7a8f4a2bc3824f8eaa69c4a65ee91d9010e2a3f925f5f28fb76b0f6
1b6b404a6284e3994181e1b900ca645fd580ff3e780f8d96f536703b6c4c74d2
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1cf9c179d74910b3a4c14d4d05b1d05d0b95a79e7cd35e4c402a871d96daa148
22b6842aa09453819e001f6e728ab1903111e0d51dfec2cfad3cf37b83934f8f
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
238dcbdedf577a6239920ecb9196ccaec87a84eafb0ee35d25df3dec8e4676b7
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
254363665b84635f4cf8821036845b542e865e0c6bc9d49148d4af5ba293bd43
26257f526f756a7a174e3594f12fbfaaa9433dad761332a05f24e61af3e86269
284429ccdc89fd7a58c118e3a020b14fb1043aef938875036adf5026f5b406c9
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b14b918bb31b4672d92b0287ed00c91c74e5d315759da2deb6028b0b4e9f909
2d1d87d753ca524b55037193fc2f4380a8df5eed992342ee3ce4c4cdf799d466
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31460492962748a29a7d57bd47f5087b328d5703516f68d8a02a43a988607e12
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
33797c8ad76837a6437df8b58d028881706fe1d5a851880c24dca125a35ccd04
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
344f5f4920b083cf07c3fd52478dc7d768c15bf776251d31b0e4bd26da0f3091
35059cdc43401fbcf730189eb26b53bbda8e45d58f16b89c2d236b6bbe6d839b
35e4f11d5b6195be51a9c7bce166a21287bf6820f3a6e65516f6d3d4217fcf13
381a124d638ab510f71d09722a1023400d0dce2be6cf0212f29c17eb4dd2255e
39004ca64603aa9cb9cf7ecfa6e098bae5d1bddaa548d4084a1dd13041c30287
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c31d2aec8f4dcf2725f8c7f4a89cf07e1e76322f2d4f89fb4fd23383b8f829f
3c7264c063544a2c256c35cad9666dd5779b00c60fc88f6e34d39f4226fc30fc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb65a9f3878a4e59ff64a9884b6ba68eac5ac115f219a0244605636f735cc1f
3f82e361d5c2f3b8fed3e54d1aebd1669c6d311356164679e3d6966dc552e6e4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401aeeebb9ab58cc24707d8a03534d967605fe913d578a740adcfff2ba9c7d28
42035a062ae9274a8a44fc01be50f62e5ac5fc596570baa5404e312d4ba7c62a
437b62002b3aa74ee137d19b391dca8654b56dae86142648176149bc0d7b823c
46b759ba547d4f5f9b135f5f1e004b31472f962d3cc3293641e00a7e06c61dcc
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
492decf58dbf468199bd31b293adcc16168db5ae8eaa410069af768cafde1900
4a2e7adb8dda36879e256616f55d90f5336e92a9c90c41b1dddadc2700c7b895
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5bdc8b09debc3ea3e777a7ea40f27569cc293a737084a9633917a37b4f09f5
4ba6561e43cb479400706ec60e661c136402898c38fe5513d7680e73a089f7d9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ff72baa14c598eead50162d03549c3987c4d370d16e3714e0ad78bad3368b63
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5119cd6572709b118ba42b8a63800d762d60f9a0beb50c0583dbaf4815c4784f
5348eae4e481d978edd98af71ea349806beaa0776feed08ab16da89c1c0a4e66
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f0e16f632b630cb414c87263c96a28dff9fbcfecf5132d1b90bfb5b029fa72
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ea42e9abee0dee184e17c10be89ce3c54b1c59e5f643a36c76b0bea344deef
571faa925d7717aa16d0e8fcf8bbebdc71a822771feb80ff88940e8e47ff6039
578e441011943c0eaeb8d74f0b6e0c374e0974368786658e62c617db38fa6320
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
601370f41005a0546982a2b98ed4227c239c8cc7d30815486ac5842d19db42e7
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62b9d138531024f707498168fe4f1cdaada235d29450f73b35beaff46fc24785
63024f4a557c487a3bb914ff2bdeda17dac0d3e0903b979530ace833a1900633
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
63c2f299c614b413590ac50678d5d757d40a37def81f91449af6868af85f569e
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
6530d068bdececb91f453d3db60077ece7babf74be302b37a129de7f6389bc3b
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67312c1431dc71ba1260fe9898a0d86a2aef9f94333b9b0f81873827f0275865
6772abc624cceb3c61a499110ae4c2c8018b8dfa8a1aad2969fe7618065c75e4
67aabe986491a87b3c73d96b8546ebc1992ce2da06d7582c69166d409cbd3bc4
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c32191691395f4bb1b1df8a224102d6a19dca54fdd2ff37e5e98cfdfb80bf8f
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
706e80e1827bcbca9cc47a9f35dc6a54025b35231e6042993d005af809d85443
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2
7320df01c7939579b15e4ae5fb81df348ce2af48255ebfbbb40204d97ce3fc8a
743a2dfd05453eaf71abf122ce433061f98dcb32a09526676d0a0c808160e3cb
773cc6770aff186c7b9f766d128a51a138acc3700723cc57779272fbceeba337
77ae105b6d44f31d97fc180c0c827901d4fc211427015b663b6b93edcdb6e47f
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
7ee52169ce707e5ee18d4c08c711438c3f2af99539684fddd10988c91de48adf
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
7f90f6220d05433b54f896f59a8a96090d81e322094630619951b2b4c5859cf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8396af7f48aa3f379c0cc8a8d4be7d51b241ce8da95f4ac206a2d9352cfee2a0
84eda06fb0e7a97ac73a8b9cd81f25a754a534bb46a38a2e6591cceaae931ef6
860a918cf8f248e936c6a50f30f8c7a58aa92393f054e00e35fb18e5cd5c43db
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8a18efe833c7307d4ce95bced1c543804647c6da9e256aa5a701d23ab55219d8
8a3d13b6af1c3c54bca2886ab80d1b013465c1ad8742fba178580b87eb5f0c6d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b26d2199f9280f668d56bcdac4ab6d2e514f799066062cd46fd77ad8ed7c430
8c1923c63e2f4e4b406f308d646d2d8cab65b9ba45f5e50e2b37b4c008efbde3
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
8f60710f6e068b35323439bfa0c7db81caf2796d43b9edc5d5cffadfcc7b80dc
913c23970520582ffcd03c13e3ec65a8630a4465578623a9839a1eec59c6cf4d
9378552ed88555f9834b2511b350b7d144e1c09a76e4a37048caf89b1d582c2c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
974e273832eda34a4be17276099fc4b24df1c01ce07fcd52e89d8a023dd1c4f0
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a14b003ffe0e950c19ee590ea71d46f6ba7faa8412ac5442f95ec9df010751d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a058dfa6c281417db79bd10544e3dc6a26c0736c875f74b76dbc1e9d96a86d40
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2a573a14372930a6750ed2a0c5f2320360d5df80cf876f96c8cafa8fcc2398c
a4419aae3c6d7ac5591ca891844b14a4443107883cb4c30b1563c83abcf3fc02
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a571850722f024f59c757b7070ebfe50f1fb99118a7aa36c4bf8221d28ba7dd2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76bbdf551f86768c8e902c1379e1c9bcf389824b77b9e148d5fc81190936ffa
a87695c44f101f0ca8d5eb45ed5a670d36f6ae31b81df1b97ab0850b6ae53ff3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
ab77f5ce1a91a962330ef7acfbe2ef27e0c8ef292ced6d8cac24cc90723ee92e
ab98662410a6a4b8c7ea68edc9b6b195a8c9c6de779f06889c20959c646c5007
ac4a1ce1bed504c071e7b50b24afca3d47500b6e50dd6fbd05752efbe1ed94f6
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeef14734efb5609ab53dd988677d89d0de083307c476bdfac2a229c67b539db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2da165ea72b5cd8aef4ad146754e385427b0121055ee9a8d36c59c9e85056e4
b4c4defa85ba20a132836920823ff9d687913578abafecc8e13864061bb89582
b4f8aa73b2b0dfd39325e5e98bf17051f920d6a088e53c11792de093f3bf92b6
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b9d099071a1b30f035d938d45118b8ad84c2a031a17adce8f0a3c5e66d01d4bf
ba687c6f17cc9bfadaf346de00ff1e997b366e2200c93bd4f12fd72a5c653b91
bc69152cba66affa5143a503a688298672179fe645c91e0e81762452400c0bed
be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f
bed4a74b7635879aa6e90938d83ac7aabb21ebbd258a62c9edbb2661d4c25918
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c015e85cfaf9d0c119dd2db63cccde6b5d90a512e8b346e35b688ef06ba99138
c072267249edc4bf604fbfd5d25ebdc7ee6fd5197ae71ba6a0dab9a68dbda7f1
c138289957b80cb663a620eff0a1604be0142d84f1598f28f81a23b8af28b8c5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2734446c735a16bceeffa8fa0a9473247bbcfe8ac1b4d7ad7c7e8259c97a5cf
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c3d86860afcaaebe347cbeb1257e2c2e4816c939f5d66e81e892e9d770a6d54f
c416915427342ac1a251c425798317daa8a6a33445fa0b46588b4292f6d8df19
c499f5081ece3f1e8387cbc52a49d16ce5678a4ef7e572ba8ad30911d2b9d5a8
c77d76b79ca5c885e274de881b3e76eaafe89137c60a80e65039e0662481b223
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf937f22bb4c5f8e827a344e6726fa957c379738a0e9f4d5d35406ebb35d0143
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d05979472753e915330fa42f7553f32639dd6eaad4b9e8ac4ae8d158340161cd
d09acff1aebb2843b5141bec320d21bc6ab46c42cd59f3ed36aba7622e28449c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d191188a675a25eac4fb99febdbdaa6d5ac9a0910a55aaa06e9534299e1c0048
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d4d290251f31c48cab112d3f3301aa2c9aba66a3d79172f3905ae59be9f781a0
d716f37b664afe964ed94764c22d8dc938c382b425627731ccb48f3c60b5d5d3
d79c41895cddfe42989650e3c50cd639773d6c39d3a78e492cd3a17d782a5041
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d8ae2456d454bfef06d18262ce0a208af8484bd148ae9d716d2ae91ef806bdfe
d92425ed44d47cde4f2bcc71fb47333058cd0bfad42dc92724b93dd08291f6ab
da80d5d67e564e0aae877774fdfc2f5c921f2f1704be1267513ca165728130aa
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2a20ed4d9974327730ff4f2aa828629f24db78316717973da79a23bfcf9a2c5
e2d5e937f6c5374bb949676c2b77cbfe4c263bbbc16fef2f58f6b0d3fe314dd6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5803f6fc5b116f01905cf0f565285a7f44a6c03a84cc624091d3e279a125e93
e632540fde4d5e1a88a0d6466dc76f211b2f2424ef4ae1815a6283986aa12809
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d73b245960d6e7ae79aec14d64b70dd05c6b9489e4172725d62c27312dc4ae
f2985ff1aa24da33cb50632ba0daed5632c90cd761f6a53c56084988c4ae4cc2
f48cb3b87eb20bd424c98e36cf7b228f52239e5b9265ecf20b4f8598407af88d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68dd1ca6db74cf62629f34befff8a40bc9b3e6230af4788b4dd579a762291cf
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff687584d02225c12e6eeba4f8c41be712ae6d50e5050475ba90512ee4691d9b