urlscan.io logo urlscan.io
SecurityTrails logo

friends.in.ua Open in urlscan Pro
91.240.20.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://friends.in.ua/
Effective URL: https://friends.in.ua/
Submission: On October 05 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 7 countries across 46 domains to perform 724 HTTP transactions. The main IP is 91.240.20.7, located in Lithuania and belongs to WIBO-AS, LT. The main domain is friends.in.ua.
TLS certificate: Issued by R3 on August 10th 2022. Valid for: 3 months.
This is the only time friends.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 56 91.240.20.7 59939 (WIBO-AS)
1 2606:50c0:800... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 89.149.200.234 60781 (LEASEWEB-...)
40 2a00:1450:400... 15169 (GOOGLE)
1 141.95.45.78 16276 (OVH)
1 148.251.247.92 24940 (HETZNER-AS)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
17 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 176.9.86.122 24940 (HETZNER-AS)
14 178.162.159.92 60781 (LEASEWEB-...)
3 212.224.112.249 44066 (DE-FIRSTC...)
1 212.118.48.164 25308 (CITYLAN-AS)
1 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 65.9.66.87 16509 (AMAZON-02)
1 4 2a02:6b8::1:119 13238 (YANDEX)
1 7 89.108.120.68 197695 (AS-REG)
4 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 213.196.39.165 7979 (SERVERS-COM)
15 178.250.2.131 44788 (ASN-CRITE...)
47 185.89.210.141 29990 (ASN-APPNEX)
15 81.17.55.98 60781 (LEASEWEB-...)
1 1 88.212.201.198 39134 (UNITEDNET)
1 2a00:1450:400... 15169 (GOOGLE)
17 151.101.65.108 54113 (FASTLY)
56 23.205.241.144 16625 (AKAMAI-AS)
8 37.187.24.88 16276 (OVH)
8 16 63.32.155.38 16509 (AMAZON-02)
16 16 54.72.111.18 16509 (AMAZON-02)
8 8 185.89.210.212 29990 (ASN-APPNEX)
8 151.101.1.108 54113 (FASTLY)
30 185.89.211.132 29990 (ASN-APPNEX)
8 52.210.76.91 16509 (AMAZON-02)
32 2a02:26f0:350... 20940 (AKAMAI-ASN1)
22 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
24 34.149.12.213 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
8 142.250.180.198 15169 (GOOGLE)
131 2a00:1450:400... 15169 (GOOGLE)
8 35.241.31.249 ()
16 142.250.180.194 15169 (GOOGLE)
2 10 3.122.138.253 ()
8 18.203.64.12 16509 (AMAZON-02)
2 2a02:2638::3 ()
1 2 2a02:2638::1c ()
1 178.250.0.157 ()
8 52.23.139.110 ()
724 54
56    91.240.20.7 (Lithuania)

ASN59939 (WIBO-AS, LT)
friends.in.ua
1    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
kodir2.github.io
2    2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
9    89.149.200.234 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
franecki.net
40    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    141.95.45.78 (France)

ASN16276 (OVH, FR)
PTR: ns3204216.ip-141-95-45.eu
test.takedwn.ws
1    148.251.247.92 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.92.247.251.148.clients.your-server.de
stats.myangular.life
5    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
17    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    176.9.86.122 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.122.86.9.176.clients.your-server.de
s.sarafan.fun
14    178.162.159.92 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
reichelcormier.bid
godsave.lgbt
quitzon.net
bashirian.biz
buckridge.link
0qq20ey4fo5veh0t.wisokykulas.bid
3    212.224.112.249 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde377-2.fornex.org
aurabom.ru
1    212.118.48.164 (Russian Federation)

ASN25308 (CITYLAN-AS, RU)
www.megastock.ru
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
16    65.9.66.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-87.fra56.r.cloudfront.net
sholke.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
7    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
4    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
15    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
1    213.196.39.165 (Netherlands)

ASN7979 (SERVERS-COM, US)
mxtads.com
15    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
47    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
15    81.17.55.98 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9a542a62a474b891d7e38d3a57fb71a5.safeframe.googlesyndication.com
17    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
acdn.adnxs.com
56    23.205.241.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-144.deploy.static.akamaitechnologies.com
c.evidon.com
8    37.187.24.88 (France)

ASN16276 (OVH, FR)
PTR: js14.adlooxtracking.com
j.adlooxtracking.com
16    63.32.155.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
go.affec.tv
16    54.72.111.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-111-18.eu-west-1.compute.amazonaws.com
map.go.affec.tv
8    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
8    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
30    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
8    52.210.76.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
t.illuma-tech.com
32    2a02:26f0:3500:585::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
rtbcdn.doubleverify.com
cdn.doubleverify.com
22    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
24    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
tps.doubleverify.com
24    2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    142.250.180.198 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net
ad.doubleclick.net
131    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    35.241.31.249 (None, )

ASN- ()
data00.adlooxtracking.com
16    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
googleads4.g.doubleclick.net
10    3.122.138.253 (None, )

ASN- ()
t.myvisualiq.net
8    18.203.64.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    2a02:2638::3 (None, )

ASN- ()
static.criteo.net
2    2a02:2638::1c (None, )

ASN- ()
gum.criteo.com
1    178.250.0.157 (None, )

ASN- ()
mug.criteo.com
8    52.23.139.110 (None, )

ASN- ()
l.betrad.com
Apex Domain
Subdomains		 Transfer
131 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
2 MB
109 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
secure.adnxs.com — Cisco Umbrella Rank: 707
cdn.adnxs.com — Cisco Umbrella Rank: 2086
ams3-ib.adnxs.com — Cisco Umbrella Rank: 5507
acdn.adnxs.com — Cisco Umbrella Rank: 885
640 KB
63 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
9a542a62a474b891d7e38d3a57fb71a5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
584 KB
56 doubleverify.com
rtbcdn.doubleverify.com — Cisco Umbrella Rank: 4759
rtb0.doubleverify.com — Cisco Umbrella Rank: 1048
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 18827
cdn.doubleverify.com — Cisco Umbrella Rank: 704
tps.doubleverify.com
995 KB
56 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1876
144 KB
56 friends.in.ua
friends.in.ua
2 MB
32 affec.tv
go.affec.tv — Cisco Umbrella Rank: 9233
map.go.affec.tv — Cisco Umbrella Rank: 9650
12 KB
30 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
ad.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390
384 KB
24 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
621 KB
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 844
gum.criteo.com
mug.criteo.com
10 KB
17 gstatic.com
fonts.gstatic.com
248 KB
16 adlooxtracking.com
j.adlooxtracking.com — Cisco Umbrella Rank: 11009
data00.adlooxtracking.com
184 KB
16 sholke.com
sholke.com — Cisco Umbrella Rank: 152091
49 KB
15 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1776
8 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 22250
2 MB
10 myvisualiq.net
t.myvisualiq.net
4 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
ajax.googleapis.com — Cisco Umbrella Rank: 485
41 KB
9 franecki.net
franecki.net — Cisco Umbrella Rank: 60549
43 KB
8 betrad.com
l.betrad.com
961 B
8 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
3 KB
8 illuma-tech.com
t.illuma-tech.com — Cisco Umbrella Rank: 18825
1009 B
7 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 11119
49 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
40 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2147
58 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
3 KB
3 wisokykulas.bid
0qq20ey4fo5veh0t.wisokykulas.bid — Cisco Umbrella Rank: 151934
1 KB
3 buckridge.link
buckridge.link — Cisco Umbrella Rank: 181370
1 KB
3 bashirian.biz
bashirian.biz — Cisco Umbrella Rank: 183907
1 KB
3 quitzon.net
quitzon.net — Cisco Umbrella Rank: 182501
1 KB
3 aurabom.ru
aurabom.ru
45 KB
2 criteo.net
static.criteo.net
57 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2180
15 B
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 3758
914 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
87 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
83 KB
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 3725
42 KB
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 5532
287 B
1 mxtads.com
mxtads.com
6 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
645 B
1 godsave.lgbt
godsave.lgbt — Cisco Umbrella Rank: 86624
413 B
1 megastock.ru
www.megastock.ru
2 KB
1 reichelcormier.bid
reichelcormier.bid — Cisco Umbrella Rank: 69217
672 B
1 sarafan.fun
s.sarafan.fun — Cisco Umbrella Rank: 78485
201 B
1 myangular.life
stats.myangular.life — Cisco Umbrella Rank: 37548
187 B
1 takedwn.ws
test.takedwn.ws — Cisco Umbrella Rank: 67389
1 github.io
kodir2.github.io — Cisco Umbrella Rank: 80022
2 KB
724 46
Domain Requested by
131 s0.2mdn.net friends.in.ua
acdn.adnxs-simple.com
s0.2mdn.net
56 c.evidon.com hb.adpone.com
c.evidon.com
sholke.com
acdn.adnxs-simple.com
56 friends.in.ua 1 redirects friends.in.ua
ajax.googleapis.com
47 ib.adnxs.com hb.adpone.com
acdn.adnxs.com
40 pagead2.googlesyndication.com friends.in.ua
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
acdn.adnxs-simple.com
www.googletagservices.com
30 ams3-ib.adnxs.com hb.adpone.com
sholke.com
cdn.adnxs.com
acdn.adnxs-simple.com
24 www.googletagservices.com rtbcdn.doubleverify.com
acdn.adnxs-simple.com
www.googletagservices.com
s0.2mdn.net
22 tpc.googlesyndication.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
friends.in.ua
acdn.adnxs-simple.com
17 fonts.gstatic.com fonts.googleapis.com
16 googleads4.g.doubleclick.net friends.in.ua
16 cdn.doubleverify.com s0.2mdn.net
acdn.adnxs-simple.com
friends.in.ua
16 acdn.adnxs.com sholke.com
hb.adpone.com
16 rtbcdn.doubleverify.com friends.in.ua
acdn.adnxs-simple.com
rtbcdn.doubleverify.com
16 map.go.affec.tv 16 redirects
16 go.affec.tv 8 redirects sholke.com
16 sholke.com friends.in.ua
sholke.com
15 prg.smartadserver.com hb.adpone.com
15 bidder.criteo.com hb.adpone.com
15 hb.adpone.com sholke.com
10 t.myvisualiq.net 2 redirects sholke.com
9 franecki.net friends.in.ua
franecki.net
9 fonts.googleapis.com friends.in.ua
s0.2mdn.net
8 l.betrad.com
8 tps.doubleverify.com cdn.doubleverify.com
friends.in.ua
8 beacon.krxd.net sholke.com
friends.in.ua
8 data00.adlooxtracking.com j.adlooxtracking.com
8 ad.doubleclick.net www.googletagservices.com
acdn.adnxs-simple.com
8 rtbc-eu3.doubleverify.com rtbcdn.doubleverify.com
8 rtb0.doubleverify.com rtbcdn.doubleverify.com
acdn.adnxs-simple.com
8 t.illuma-tech.com hb.adpone.com
8 cdn.adnxs.com hb.adpone.com
8 secure.adnxs.com 8 redirects
8 j.adlooxtracking.com hb.adpone.com
7 x01.aidata.io 1 redirects friends.in.ua
x01.aidata.io
5 www.google-analytics.com friends.in.ua
www.google-analytics.com
www.googletagmanager.com
4 securepubads.g.doubleclick.net sholke.com
securepubads.g.doubleclick.net
4 mc.yandex.ru 1 redirects aurabom.ru
friends.in.ua
3 0qq20ey4fo5veh0t.wisokykulas.bid franecki.net
3 buckridge.link franecki.net
3 bashirian.biz franecki.net
3 quitzon.net franecki.net
3 aurabom.ru friends.in.ua
aurabom.ru
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net hb.adpone.com
static.criteo.net
2 www.google.com tpc.googlesyndication.com
2 i.clean.gg acdn.adnxs-simple.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net friends.in.ua
connect.facebook.net
2 www.googletagmanager.com friends.in.ua
aurabom.ru
1 mug.criteo.com
1 acdn.adnxs-simple.com hb.adpone.com
1 9a542a62a474b891d7e38d3a57fb71a5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 counter.yadro.ru 1 redirects
1 mxtads.com aurabom.ru
1 partner.googleadservices.com pagead2.googlesyndication.com
1 godsave.lgbt franecki.net
1 www.megastock.ru friends.in.ua
1 reichelcormier.bid franecki.net
1 s.sarafan.fun franecki.net
1 stats.myangular.life friends.in.ua
1 test.takedwn.ws kodir2.github.io
1 ajax.googleapis.com friends.in.ua
1 kodir2.github.io friends.in.ua
724 65

This site contains no links.

Subject Issuer Validity Valid
friends.in.ua
R3		 2022-08-10 -
2022-11-08		 3 months crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
franecki.net
R3		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.takedwn.ws
Sectigo RSA Domain Validation Secure Server CA		 2022-09-12 -
2023-10-11		 a year crt.sh
stats.myangular.life
Sectigo RSA Domain Validation Secure Server CA		 2022-09-04 -
2023-10-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-14 -
2022-10-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
s.sarafan.fun
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
reichelcormier.bid
R3		 2022-08-25 -
2022-11-23		 3 months crt.sh
aurabom.ru
R3		 2022-09-11 -
2022-12-10		 3 months crt.sh
megastock.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-10-14 -
2022-11-11		 a year crt.sh
godsave.lgbt
R3		 2022-07-28 -
2022-10-26		 3 months crt.sh
quitzon.net
R3		 2022-07-28 -
2022-10-26		 3 months crt.sh
bashirian.biz
R3		 2022-07-28 -
2022-10-26		 3 months crt.sh
buckridge.link
R3		 2022-07-29 -
2022-10-27		 3 months crt.sh
0qq20ey4fo5veh0t.wisokykulas.bid
R3		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sholke.com
Amazon		 2021-12-28 -
2023-01-26		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
mxtads.com
R3		 2022-08-22 -
2022-11-20		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2022-02-15 -
2023-02-15		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.evidon.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-12 -
2023-04-12		 a year crt.sh
*.adlooxtracking.com
R3		 2022-09-20 -
2022-12-19		 3 months crt.sh
illuma-tech.com
Amazon		 2022-08-01 -
2023-08-30		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2022-10-04 -
2023-01-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.myvisualiq.net
Go Daddy Secure Certificate Authority - G2		 2021-12-12 -
2023-01-13		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.betrad.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh

This page contains 74 frames:

Primary Page: https://friends.in.ua/
Frame ID: 23A2A986B19CAE47B108A3192918FE41
Requests: 114 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 5763F8D4F172DD505E31081CE0311A6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1664946246&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664946246374&bpp=3&bdt=772&idt=338&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6510274249015&frm=20&pv=2&ga_vid=280957019.1664946246&ga_sid=1664946247&ga_hid=996524046&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767667%2C42531705%2C44774605%2C44773747%2C31068921&oid=2&pvsid=1761487809210438&tmod=1979612422&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=418
Frame ID: 1D48EB2D4C3D0DFCC691A564151DB126
Requests: 1 HTTP requests in this frame

Frame: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Frame ID: 35F7B449D0264E40685E59C7C6FAB63F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 01E730BD649718D08C60C5F2060AB3AA
Requests: 15 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=shkmyqoh&e=1786821995930
Frame ID: D4F0983DF85F26DB0B316D741B363166
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=geafdakmvm&e=1786821995930
Frame ID: 082A68B2A67CD66DC27FD7E6F934F515
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=jbsaxzrm&e=1786821995930
Frame ID: 6B068D1FA1556A1A6E59B43BF3189ED2
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Frame ID: 36196ED39C87D79EAE9B997FFF9FB247
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=cbafbqyzha&e=1786821995930
Frame ID: 15CB3AE41669F4D380541527CB4DA7E3
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Frame ID: FF4F1668494477F810D7609D98230886
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=fklemz&e=1786821995930
Frame ID: A55DC69B39F654A7533EE03E3B9545F8
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=gymqprfj&e=1786821995930
Frame ID: BC3048C9CCD7137308A25F165ADE7AA9
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Frame ID: FCBF5F264F2389499A2EE16A7D71A63C
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=tlmpocx&e=1786821995930
Frame ID: 4106FA5DED2AB86634AA87C5329B6220
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Frame ID: C7D2EB76D318E8F37AB509FCE492A449
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Frame ID: C9A9566C02C7E8636A7698CD4D939673
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Frame ID: 10691DC187CA63373A3A0844836FC8FF
Requests: 5 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Frame ID: 923153764BDF5823C1E7554B79FEE527
Requests: 5 HTTP requests in this frame

Frame: https://x01.aidata.io/stats?pixel=VIBOOM&v=1664946247655&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=760581a50189438f87e4cc5160cb15cd&__upin=GUhsHCRIUb7W4q27fB+pkQ&id=f066c4adb2048ac01caf6e9cf8fac0bb&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Frame ID: 79F6FF2130E6097961AFE54C868E08D8
Requests: 4 HTTP requests in this frame

Frame: https://9a542a62a474b891d7e38d3a57fb71a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: A24DC070EC2498B177D283B05EB9B204
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 40AED2F731B53B352B4C528E9DFB7FCD
Requests: 36 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_500470871311
Frame ID: B951C5AEDC34F9B2DD8370C1BD137D49
Requests: 34 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_102797483882
Frame ID: 38309A34BBC39981137EB75714E9C074
Requests: 34 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_684878505973
Frame ID: F1F16B6F237A4566C0946B624A9B2F18
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 567F2E3C2FF4191BC8888CA2D35B5BEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EED95CAF2BCEBC67CF36110EB3CF5514
Requests: 2 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_444826284428
Frame ID: F0622C329616D2144178A80DD15C5A08
Requests: 34 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_716163031507
Frame ID: 7395A453178056F488ED6FD678855405
Requests: 32 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_434043063280
Frame ID: 0776D800EF4F78BE7ADF80D23E0BAAF1
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6248FBA5A6412340071F4032CFA46FE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7D648A7AE901E59C595480538DA4FC4
Requests: 2 HTTP requests in this frame

Frame: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_301443612361
Frame ID: 85FA55D7A851DF6A3157010088374852
Requests: 32 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 4C9328B2BE02621257C22DE567E32484
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 26A7D903C7ABE3981682A5D4E5E7DCAF
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 486F047FCAEA3279B504A0692383DA14
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 63A3A0AA28D7DA3E456FA157B3D0682A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 8467E715B48A093C7003DA5092F69248
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 7CF1F091470C45D3266CE35F7625403D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 446DFE0D13397FA23F2691DF76F28F0F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 840AFEE19ED1A15819212DEBE08790AE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 010533CAB1B5A4BFA31579586911C9C2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8CB81667505A5BA48F7D45F3955E9657
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Frame ID: 58113E0C076D774BFCF801EF2503323A
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BACBCDD714C16D6071B9026EB3A6B16C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Frame ID: 2F6B1AF6E1D52AE1953ED44715F37EA1
Requests: 21 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Frame ID: 3A7473F2997531FC94BD31EE75003D50
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7AEA6755493473C6B56F8B004FDAB02
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Frame ID: BACBF09C764CB2503EDDEDE311E39B08
Requests: 21 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Frame ID: 7030AD93ADFBB052C216E68E16CB1E6F
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Frame ID: B0D02860084E6F20ED6132AED9257DA8
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Frame ID: 3B19D8B821BA7AFFD1DE018E38C6C1F3
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Frame ID: 04E9280F03504722F1C6EC2C3D9C233B
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C0BABAAB6385D9468781E4A338D26F7B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AB3C7FB721EB7A8E6927396ECCCD6651
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72E61F569EBA5C23F5C3C171E45892D8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 58D630098EE8BF6DB4280D1B67CE8722
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 0662D2A09AB3BF37E39967579030AB2D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: A95FD97E74FF9F5D15019859238DEC0C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 3488E49AFB06A4FC02F926AA70F849C0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: D082CFCEC70901AC942F2C45B1BCFD73
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: AF6C48380BBBD9BF575A24B4165ED5FF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: F6F2EF7B4BEA67A0AE19EED858CDDCF9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 247221F0B321CD4BD82A561B48F353B3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 20D964F324FFF168B611BC5C49ABA12C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5816F01C9A262442E40F7F4935576D83
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9DAC03464ABF9E1F3BE33FF411E07BBE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 67E1B2A1DE9B5A15EC5CA7AE5811640E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EA346577801A6B93B3D8FB07ECE5716A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0C0F8BF41CA8669ED0006CACBF9F765A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 108D9F8560D19B7F0F0B8EA7593DDE81
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 570F080AF45CECF5DB68783D112ED6B8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4401528D746B58FD8E8F39624E064930
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: E6DA77C784672D679001E4D7AEF49A7A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Дивитися культові Серіали та Мультсеріали українською мовою онлайн на сайті FRIENDS

Page URL History Show full URLs

  1. http://friends.in.ua/ HTTP 301
    https://friends.in.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • c\.evidon\.com
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

724
Requests

98 %
HTTPS

39 %
IPv6

46
Domains

65
Subdomains

54
IPs

7
Countries

9622 kB
Transfer

24342 kB
Size

52
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://friends.in.ua/ HTTP 301
    https://friends.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946246998 HTTP 302
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946246998&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
Request Chain 136
  • https://mc.yandex.ru/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1002476763303%3Ahid%3A19899889%3Az%3A0%3Ai%3A20221005050407%3Aet%3A1664946248%3Ac%3A1%3Arn%3A258156370%3Arqn%3A1%3Au%3A166494624878543126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C88%2C607%2C42%2C110%2C0%2C%2C753%2C19%2C%2C%2C%2C1601%3Acpf%3A1%3Ans%3A1664946244793%3Arqnl%3A1%3Ast%3A1664946248%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1002476763303%3Ahid%3A19899889%3Az%3A0%3Ai%3A20221005050407%3Aet%3A1664946248%3Ac%3A1%3Arn%3A258156370%3Arqn%3A1%3Au%3A166494624878543126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C88%2C607%2C42%2C110%2C0%2C%2C753%2C19%2C%2C%2C%2C1601%3Acpf%3A1%3Ans%3A1664946244793%3Arqnl%3A1%3Ast%3A1664946248%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 193
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Request Chain 204
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=7333661205868930011&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.04438&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10483eb8100001fef25f%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10483eb8100001fef25f&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 211
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=1020635960482417400&tag_id=21752842&creative_id=337423897&creative_size=300x600&reserve_price=0&price_paid=0.050271&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d104895adfc000177fe39%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d104895adfc000177fe39&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 218
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=2202376199574566737&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.041434&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d104895adfc000177fe38%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d104895adfc000177fe38&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 227
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=361279077131230550&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.056163&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10488f60350001844ee5%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10488f60350001844ee5&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 242
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=4060561551230475910&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.056163&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10488f60350001844ee9%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10488f60350001844ee9&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 249
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=6206491701015862126&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.041434&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d104895adfc000177fe40%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d104895adfc000177fe40&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 256
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=5019200188778785509&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.041434&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10483eb8100001fef267%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10483eb8100001fef267&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 270
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=7807471130944395031&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.04438&bid_price=0.07973&ecp=0.09&referer_url_enc=https%3A%2F%2Ffriends.in.ua%2F&user_id=7069281149188091664&user_ip=217.138.196.106&age=0&gender=u&session_freq=-1&adv_id=3671963&cpg_id=15507930&cp_id=0&seg_ids=&adv_freq=0&site_id=5626891&publisher_id=1986887&inv_class=&inv_source_id=&geo_lat=&geo_lon=&ext_app_id=&msft_app_id=${MSFT_APP_ID}&device_md5=&device_sha1=&device_openudid=&device_odin=&device_apple_ida=&device_make_id=0&device_model_id=0&carrier_id=1 HTTP 302
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10488f60350001844ef1%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx HTTP 302
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10488f60350001844ef1&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx HTTP 303
  • https://go.affec.tv/px
Request Chain 399
  • https://t.myvisualiq.net/impression_pixel?r=1505927299&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170131831&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=1505927299&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170131831&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Request Chain 415
  • https://t.myvisualiq.net/impression_pixel?r=3712068745&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=171146382&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=3712068745&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=171146382&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Request Chain 661
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=iFNzRnwvb0FyMXhmVnNGeVZZcDR2dlRRZmJZV1dwa1p0QnpweXgzMEdHRldLRGpQeVBSNEFNbWVOTVpFKzNTcmZTMGF0STVuak8wTTRmcDhxaldpbWV2ejhFcTFHcG9yOTBDaXRyTzFBbVJ4UUxpSVBYTEZObjZVcG9HTHY3UEZkek05eGtwcGc2UnhCbVZoVmNyRUFuNUdzbDhVUTlVYVlpZ2VtK0ZjdUJBbzlUOVJPME5LMzZmTFVMeFVuUjM0b21XTmlRTVRKOW9nS1JVOXg4MkQwd09qT29EUkxOd3B3V29XWGEzbkFpeFpKSldOdjhQaTZUNUVMT1YrendkK0lLTzl5Z01qRTltTXg5NGwxaDFiWGZOeHFZZz09fA&cppv=2

724 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
friends.in.ua/
Redirect Chain
  • http://friends.in.ua/
  • https://friends.in.ua/
35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.40
Resource Hash
c823c44a9ffcfe4d471985234785be3600248e87f8de025bfd2023a9fa48c638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:04:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.16.1
strict-transport-security
max-age=31536000;
x-powered-by
PHP/5.6.40

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:04 GMT
Location
https://friends.in.ua:443/
Server
nginx/1.16.1
Transfer-Encoding
chunked
actualize.js
kodir2.github.io/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kodir2.github.io/actualize.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
91f52d775b50f8cfc52cc4c51adc1179a9a4ee65e3c9274edf55a642409ed8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id
746550ddc8baa87ad63dcb1a10e01c4a01448bb4
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Wed, 05 Oct 2022 05:04:05 GMT
age
412
x-cache
HIT
x-cache-hits
2
x-proxy-cache
HIT
content-length
1525
x-served-by
cache-lcy19222-LCY
last-modified
Tue, 09 Aug 2022 11:36:32 GMT
server
GitHub.com
x-github-request-id
0801:12A47:64C143:67C93E:633B9D98
x-timer
S1664946246.717429,VS0,VE1
etag
W/"62f246c0-c2e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 04 Oct 2022 02:50:58 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-60815340-5
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2912715da3714b88f4aca308e1fcf382b195729f8dfe3a2cc3146cec8c43c1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42382
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:04:05 GMT
index.php
friends.in.ua/engine/classes/min/ 		205 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/engine/classes/min/index.php?charset=utf-8&g=general&21
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.40
Resource Hash
4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:31:36 GMT
server
nginx/1.16.1
x-powered-by
PHP/5.6.40
etag
"pub1497792696;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
content-length
62137
expires
Thu, 05 Oct 2023 05:04:05 GMT
grid.css
friends.in.ua/templates/StopFilm/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/grid.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 11 Mar 2019 19:53:00 GMT
server
nginx/1.16.1
etag
"5c86bc9c-4559"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
17753
expires
Sat, 15 Oct 2022 05:04:05 GMT
style.css
friends.in.ua/templates/StopFilm/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 08 Jul 2019 13:20:42 GMT
server
nginx/1.16.1
etag
"5d23432a-2a87"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
10887
expires
Sat, 15 Oct 2022 05:04:05 GMT
engine.css
friends.in.ua/templates/StopFilm/css/ 		59 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/engine.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:12 GMT
server
nginx/1.16.1
etag
"594681cc-eab1"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
60081
expires
Sat, 15 Oct 2022 05:04:05 GMT
style.css
friends.in.ua/templates/StopFilm/stylesheets/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/stylesheets/style.css?v=1.0.5
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 20 Nov 2019 22:48:43 GMT
server
nginx/1.16.1
etag
"5dd5c2cb-7af4"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
31476
expires
Sat, 15 Oct 2022 05:04:05 GMT
font-awesome.css
friends.in.ua/templates/StopFilm/css/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 02 Jun 2019 00:17:35 GMT
server
nginx/1.16.1
etag
"5cf3159f-6cff"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
27903
expires
Sat, 15 Oct 2022 05:04:05 GMT
responsive.css
friends.in.ua/templates/StopFilm/css/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/responsive.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 20:34:47 GMT
server
nginx/1.16.1
etag
"5cddc967-1d2d"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
7469
expires
Sat, 15 Oct 2022 05:04:05 GMT
pushy.css
friends.in.ua/templates/StopFilm/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/pushy.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:12 GMT
server
nginx/1.16.1
etag
"594681cc-f08"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
3848
expires
Sat, 15 Oct 2022 05:04:05 GMT
buttons.css
friends.in.ua/templates/StopFilm/css/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/buttons.css?v=1.0.2
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 21 Apr 2018 21:44:52 GMT
server
nginx/1.16.1
etag
"5adbb0d4-4994"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
18836
expires
Sat, 15 Oct 2022 05:04:05 GMT
slick.css
friends.in.ua/templates/StopFilm/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/slick.css
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 08 Mar 2019 22:46:03 GMT
server
nginx/1.16.1
etag
"5c82f0ab-6f0"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
1776
expires
Sat, 15 Oct 2022 05:04:05 GMT
slick-theme.css
friends.in.ua/templates/StopFilm/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/slick-theme.css?v=1.0.7
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 08 Mar 2019 22:46:03 GMT
server
nginx/1.16.1
etag
"5c82f0ab-617"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
1559
expires
Sat, 15 Oct 2022 05:04:05 GMT
new_header.css
friends.in.ua/templates/StopFilm/css/ 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/css/new_header.css?v=1.0.1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 03 Nov 2020 15:31:45 GMT
server
nginx/1.16.1
etag
"5fa177e1-23c1"
content-type
text/css
cache-control
max-age=864000
accept-ranges
bytes
content-length
9153
expires
Sat, 15 Oct 2022 05:04:05 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 05:04:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:05 GMT
scripts.js
friends.in.ua/templates/StopFilm/js/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/scripts.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-8e69"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
36457
expires
Sat, 15 Oct 2022 05:04:05 GMT
modernizr.js
friends.in.ua/templates/StopFilm/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/modernizr.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-2663"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
9827
expires
Sat, 15 Oct 2022 05:04:05 GMT
ads.js
friends.in.ua/templates/StopFilm/js/ 		17 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/ads.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Apr 2018 22:38:13 GMT
server
nginx/1.16.1
etag
"5acd3cd5-11"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
17
expires
Sat, 15 Oct 2022 05:04:05 GMT
libs.js
friends.in.ua/templates/StopFilm/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/libs.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 18:04:24 GMT
server
nginx/1.16.1
etag
"5cdda628-b99"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2969
expires
Sat, 15 Oct 2022 05:04:05 GMT
share42.js
friends.in.ua/photos/share/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/photos/share/share42.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 28 Jul 2018 11:46:07 GMT
server
nginx/1.16.1
etag
"5b5c577f-b4c"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2892
expires
Sat, 15 Oct 2022 05:04:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 21:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 21:41:16 GMT
slick.min.js
friends.in.ua/templates/StopFilm/js/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/slick.min.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 22 Dec 2018 17:00:11 GMT
server
nginx/1.16.1
etag
"5c1e6d9b-a76f"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
42863
expires
Sat, 15 Oct 2022 05:04:05 GMT
header.js
friends.in.ua/templates/StopFilm/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/header.js?v=1.0.2
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 09 Aug 2019 17:29:30 GMT
server
nginx/1.16.1
etag
"5d4dad7a-7f5"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2037
expires
Sat, 15 Oct 2022 05:04:05 GMT
video_switches.js
friends.in.ua/templates/StopFilm/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/video_switches.js?v=1.0.6
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 18 Apr 2019 23:47:53 GMT
server
nginx/1.16.1
etag
"5cb90ca9-4b3"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
1203
expires
Sat, 15 Oct 2022 05:04:05 GMT
jquery.video.js
friends.in.ua/js/ 		925 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/js/jquery.video.js?v=2.0.7
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Apr 2018 22:42:44 GMT
server
nginx/1.16.1
etag
"5acd3de4-39d"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
925
expires
Sat, 15 Oct 2022 05:04:05 GMT
logo1.png
friends.in.ua/templates/StopFilm/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/templates/StopFilm/images/logo1.png
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 07 Jul 2019 14:02:55 GMT
server
nginx/1.16.1
etag
"5d21fb8f-299c"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
10652
expires
Sat, 15 Oct 2022 05:04:05 GMT
lib.js
franecki.net/js/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/js/lib.js?no_dmp=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript
Connection
close
Expires
0
lib.js
franecki.net/js/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/js/lib.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
6d5466f76fd227a2029054e09c132479983ab4697f45efb622f8294ca44f0423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript
Connection
close
Expires
0
serial-druzi.jpg
friends.in.ua/photos/films/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/films/serial-druzi.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 15 Apr 2019 22:33:58 GMT
server
nginx/1.16.1
etag
"5cb506d6-13533"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
79155
expires
Sat, 15 Oct 2022 05:04:05 GMT
charmed.jpg
friends.in.ua/posters/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/charmed.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 18 May 2019 16:00:51 GMT
server
nginx/1.16.1
etag
"5ce02c33-69d1"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
27089
expires
Sat, 15 Oct 2022 05:04:05 GMT
domogospodarky.jpg
friends.in.ua/posters/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/domogospodarky.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 21:40:32 GMT
server
nginx/1.16.1
etag
"5cddd8d0-70da"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
28890
expires
Sat, 15 Oct 2022 05:04:05 GMT
pokoyivky.jpg
friends.in.ua/photos/pokoyivky/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/pokoyivky/pokoyivky.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 09 Feb 2022 09:50:32 GMT
server
nginx/1.16.1
etag
"62038e68-23273"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
143987
expires
Sat, 15 Oct 2022 05:04:05 GMT
seks-i-misto.jpg
friends.in.ua/posters/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/seks-i-misto.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 13 Jun 2019 20:59:48 GMT
server
nginx/1.16.1
etag
"5d02b944-c438"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
50232
expires
Sat, 15 Oct 2022 05:04:05 GMT
roksolana.jpg
friends.in.ua/posters/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/roksolana.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 07 Aug 2019 11:23:02 GMT
server
nginx/1.16.1
etag
"5d4ab496-1019b"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
65947
expires
Sat, 15 Oct 2022 05:04:05 GMT
ErkenciKus.jpg
friends.in.ua/photos/ErkenciKus/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/ErkenciKus/ErkenciKus.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 29 Jan 2022 20:59:25 GMT
server
nginx/1.16.1
etag
"61f5aaad-e276"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
57974
expires
Sat, 15 Oct 2022 05:04:05 GMT
IstanbulluGelin.jpg
friends.in.ua/photos/IstanbulluGelin/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/photos/IstanbulluGelin/IstanbulluGelin.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 26 Nov 2021 09:34:08 GMT
server
nginx/1.16.1
etag
"61a0aa10-dd71"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
56689
expires
Sat, 15 Oct 2022 05:04:05 GMT
vandavizhen.jpg
friends.in.ua/posters/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/vandavizhen.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 27 Feb 2021 13:15:04 GMT
server
nginx/1.16.1
etag
"603a45d8-149c4"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
84420
expires
Sat, 15 Oct 2022 05:04:05 GMT
mandalorec.jpg
friends.in.ua/posters/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/mandalorec.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 06 Nov 2020 19:17:18 GMT
server
nginx/1.16.1
etag
"5fa5a13e-11ca9"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
72873
expires
Sat, 15 Oct 2022 05:04:05 GMT
office.jpg
friends.in.ua/posters/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/office.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 22 Jun 2020 13:53:11 GMT
server
nginx/1.16.1
etag
"5ef0b7c7-fe2a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
65066
expires
Sat, 15 Oct 2022 05:04:05 GMT
la-casa-de-papel.jpg
friends.in.ua/posters/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/la-casa-de-papel.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 06 Sep 2021 19:29:55 GMT
server
nginx/1.16.1
etag
"61366c33-14e6a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
85610
expires
Sat, 15 Oct 2022 05:04:05 GMT
vidmak.jpg
friends.in.ua/posters/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/vidmak.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 27 Dec 2019 02:18:08 GMT
server
nginx/1.16.1
etag
"5e0569e0-10e4a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
69194
expires
Sat, 15 Oct 2022 05:04:05 GMT
baffi.jpg
friends.in.ua/posters/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/baffi.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 09 Mar 2020 14:44:01 GMT
server
nginx/1.16.1
etag
"5e665631-f28f"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
62095
expires
Sat, 15 Oct 2022 05:04:05 GMT
big-bang.jpg
friends.in.ua/posters/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/big-bang.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 23 Jul 2019 15:21:03 GMT
server
nginx/1.16.1
etag
"5d3725df-11543"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
70979
expires
Sat, 15 Oct 2022 05:04:05 GMT
sheldon.jpg
friends.in.ua/posters/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/sheldon.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 06 Aug 2019 14:10:15 GMT
server
nginx/1.16.1
etag
"5d498a47-b347"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
45895
expires
Sat, 15 Oct 2022 05:04:05 GMT
novobranec.jpg
friends.in.ua/posters/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/novobranec.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 20 Nov 2019 20:16:55 GMT
server
nginx/1.16.1
etag
"5dd59f37-bc29"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
48169
expires
Sat, 15 Oct 2022 05:04:05 GMT
met-mother.jpg
friends.in.ua/posters/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/met-mother.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 06 Aug 2019 19:03:02 GMT
server
nginx/1.16.1
etag
"5d49cee6-e08a"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
57482
expires
Sat, 15 Oct 2022 05:04:05 GMT
alf.jpg
friends.in.ua/posters/alf/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/alf/alf.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 16 Sep 2019 21:48:34 GMT
server
nginx/1.16.1
etag
"5d800332-e9cb"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
59851
expires
Sat, 15 Oct 2022 05:04:05 GMT
joey.jpg
friends.in.ua/posters/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/joey.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 11 Aug 2019 15:35:16 GMT
server
nginx/1.16.1
etag
"5d5035b4-bb7c"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
47996
expires
Sat, 15 Oct 2022 05:04:05 GMT
ncis.jpg
friends.in.ua/posters/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/ncis.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 14 Aug 2019 22:12:20 GMT
server
nginx/1.16.1
etag
"5d548744-10fae"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
69550
expires
Sat, 15 Oct 2022 05:04:05 GMT
dyvni-dyva.jpg
friends.in.ua/posters/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/dyvni-dyva.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 06 Jul 2019 22:49:34 GMT
server
nginx/1.16.1
etag
"5d21257e-d53b"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
54587
expires
Sat, 15 Oct 2022 05:04:05 GMT
doktor-haus.jpg
friends.in.ua/posters/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/doktor-haus.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 17 Jun 2019 15:06:56 GMT
server
nginx/1.16.1
etag
"5d07ac90-d009"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
53257
expires
Sat, 15 Oct 2022 05:04:05 GMT
rozcharuvannya.jpg
friends.in.ua/posters/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/rozcharuvannya.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Thu, 16 May 2019 21:43:08 GMT
server
nginx/1.16.1
etag
"5cddd96c-a50d"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
42253
expires
Sat, 15 Oct 2022 05:04:05 GMT
policiya-paradayz.jpg
friends.in.ua/posters/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/posters/policiya-paradayz.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 19 May 2019 19:05:17 GMT
server
nginx/1.16.1
etag
"5ce1a8ed-8991"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
35217
expires
Sat, 15 Oct 2022 05:04:05 GMT
jquery.cookie.js
friends.in.ua/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/js/jquery.cookie.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 11 Aug 2017 11:22:09 GMT
server
nginx/1.16.1
etag
"598d9361-c31"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
3121
expires
Sat, 15 Oct 2022 05:04:05 GMT
share.js
friends.in.ua/templates/StopFilm/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/share.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-c98"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
3224
expires
Sat, 15 Oct 2022 05:04:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2072b344a4c1604ce23e31d3f4cd6b54934adb30b360113553a4873bf08232e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54528
x-xss-protection
0
server
cafe
etag
6744415482936397325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Oct 2022 05:04:06 GMT
pushy.min.js
friends.in.ua/templates/StopFilm/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/js/pushy.min.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"594681cd-7d2"
content-type
application/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
2002
expires
Sat, 15 Oct 2022 05:04:05 GMT
ping
test.takedwn.ws/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://test.takedwn.ws/ping
Requested by
Host: kodir2.github.io
URL: https://kodir2.github.io/actualize.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.45.78 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3204216.ip-141-95-45.eu
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 05 Oct 2022 05:04:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
player
stats.myangular.life/ 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.myangular.life/player?hit=script&sub=actualize&host=friends.in.ua
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.247.92 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.92.247.251.148.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 05 Oct 2022 05:04:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
thesimpsons.jpg
friends.in.ua/templates/StopFilm/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/templates/StopFilm/images/thesimpsons.jpg
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:05 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 21 Jun 2017 10:09:06 GMT
server
nginx/1.16.1
etag
"594a45c2-78aa"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
30890
expires
Sat, 15 Oct 2022 05:04:05 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 03:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6488
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 05:15:57 GMT
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abd981d1d2dd3eaf724234dce2f17d1dad9ec8229bdd7b88b86ce0f98944cdcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 05:04:05 GMT
content-md5
fZ0RCmAPdKq8UKmHmJzTKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
NDWO7AC80edAgSe5791f/h9c6d/SiSAeIdWarZ1tgpWvCpO/MW5NliULbNprM6wH8pJgo4+zEx9mUYMxN2Ym0w==
x-fb-trip-id
917726464
x-fb-content-md5
af41d2a2550b95e95b9279505588f505
cross-origin-opener-policy
same-origin-allow-popups
etag
"b5124a1f812f988b5264401af3c5befb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Wed, 05 Oct 2022 05:13:46 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2
fonts.gstatic.com/s/oswald/v49/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 00:37:51 GMT
x-content-type-options
nosniff
age
102374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5856
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:16:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 00:37:51 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:17:32 GMT
x-content-type-options
nosniff
age
114393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10172
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:17:32 GMT
sdk.js
connect.facebook.net/ru_RU/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=957747196514c976a6bfae1d4830f4d2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
adf7d809294b4ff2720377059881a98f3be0c44e29f58091dcf148e82c4240d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://friends.in.ua/
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 05:04:06 GMT
content-md5
tznVueupF9uYQ0Y8G7+ZvA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87166
x-fb-rlafr
0
x-fb-debug
/w3NkrNkAWur26CEKJHMCPsYq9yIktGD6KrVmOvigFDsXfqMQaorn0eVSfhZX9u6aitmcZW+IO0WeLNlkO0t8Q==
x-fb-content-md5
492972e61efd44141540ebf594136773
cross-origin-opener-policy
same-origin-allow-popups
etag
"f058e40ea7c704ddae502775b45629ad"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 04 Oct 2023 21:00:05 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=996524046&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2000057280&gjid=1394721086&cid=280957019.1664946246&tid=UA-60815340-5&_gid=749856625.1664946246&_r=1&_slc=1&z=2020843353
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=996524046&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=2041869514&gjid=571579031&cid=280957019.1664946246&tid=UA-60815340-5&_gid=749856625.1664946246&_r=1&gtm=2oua30&z=1141763558
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 5763 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
53863
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 14:06:23 GMT
etag
9671129459699598864
expires
Tue, 18 Oct 2022 14:06:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dc
s.sarafan.fun/ 		2 B
201 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.sarafan.fun/dc?rid=R0I=::633d13e10f06978647990549
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.86.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.122.86.9.176.clients.your-server.de
Software
nginx /
Resource Hash
4e3cf60495dca6411d155372c42aa62f07a6f0c5792f016cff361dd7a3965b20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:06 GMT
Content-Encoding
gzip
Server
nginx
Connection
close
Transfer-Encoding
chunked
Content-Type
text/plain
/
reichelcormier.bid/candy/ 		57 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reichelcormier.bid/candy/?method=adwuid&c=&r=0.5028551651456397
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
bd4a5ebd77ca7caeb1413b5a37eca762d38c9e1d0705f32d31259078064fcc3b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:06 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/plain
Access-Control-Allow-Origin
https://friends.in.ua
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Method
GET,POST
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 		349 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26c1055d87ef81bd223708ab6db9f5b302efd683ff7132c338cfa14b4e082cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117210
x-xss-protection
0
server
cafe
etag
12158485936490458092
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Oct 2022 05:04:06 GMT
/
aurabom.ru/player/ 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aurabom.ru/player/
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.224.112.249 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde377-2.fornex.org
Software
nginx /
Resource Hash
8e541fe13532c4ee1bde21ed75e710a4d436f393dcf34080d2627b626a064783

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:06 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"1f73f-kB14UJ4n1OHjy6DlgcgKxA"
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Hostname
dsde326.rotator.viboom.com
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
humanitarian-five.js
franecki.net/js/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/js/humanitarian-five.js?no_dmp=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:06 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Oct 2022 10:49:31 GMT
Server
openresty
ETag
W/"63396cbb-ad30"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
close
test-ad.php
friends.in.ua/ 		4 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/test-ad.php?adsize=981&adnet=120x600&adspace=adslot
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 / PHP/5.6.40
Resource Hash
5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
*/*
Referer
https://friends.in.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:06 GMT
strict-transport-security
max-age=31536000;
server
nginx/1.16.1
x-powered-by
PHP/5.6.40
content-type
text/html; charset=UTF-8
fontawesome-webfont.woff
friends.in.ua/templates/StopFilm/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://friends.in.ua/templates/StopFilm/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Origin
https://friends.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:06 GMT
strict-transport-security
max-age=31536000;
last-modified
Sun, 18 Jun 2017 13:36:13 GMT
server
nginx/1.16.1
etag
"ffac-5523c1a1a4d40"
content-type
application/font-woff
accept-ranges
bytes
content-length
65452
adv.png
friends.in.ua/ 		544 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://friends.in.ua/adv.png?adsize=981&adnet=120x600&adspace=adslot
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:06 GMT
strict-transport-security
max-age=31536000;
last-modified
Tue, 10 Apr 2018 22:08:58 GMT
server
nginx/1.16.1
etag
"5acd35fa-220"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
544
expires
Sat, 15 Oct 2022 05:04:06 GMT
azure_rus.gif
www.megastock.ru/doc/88x31_user/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megastock.ru/doc/88x31_user/azure_rus.gif
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.118.48.164 , Russian Federation, ASN25308 (CITYLAN-AS, RU),
Reverse DNS
Software
openresty / ASP.NET
Resource Hash
1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:06 GMT
Last-Modified
Thu, 07 Nov 2013 09:45:35 GMT
Server
openresty
ETag
"1d4ce71b9edbce1:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2183
/
godsave.lgbt/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://godsave.lgbt/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
quitzon.net/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quitzon.net/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
bashirian.biz/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bashirian.biz/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
franecki.net/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://franecki.net/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
buckridge.link/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buckridge.link/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
0qq20ey4fo5veh0t.wisokykulas.bid/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://0qq20ey4fo5veh0t.wisokykulas.bid/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
67b798e50a15eca78568eeb621e83c3f.js
franecki.net/assets/pack/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/assets/pack/67b798e50a15eca78568eeb621e83c3f.js?1&dmpguid=633d10e00a26414069625101&adwuid=633d10e00a26414069625101&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=633d13e10f06978647990549
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:06 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains; preload
Content-Encoding
gzip
x-render-time
7.44
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
x-adwsegments
{"r:100842:iprange:1":1}
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
Connection
close
Access-Control-Allow-Headers
*
x-cid
33246
Expires
Mon, 04 Dec 1999 21:29:02 GMT
/
quitzon.net/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quitzon.net/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
bashirian.biz/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bashirian.biz/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
franecki.net/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://franecki.net/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
buckridge.link/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buckridge.link/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
0qq20ey4fo5veh0t.wisokykulas.bid/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://0qq20ey4fo5veh0t.wisokykulas.bid/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
b884872a195939d21d07f1384cc7928d.js
franecki.net/assets/pack/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/assets/pack/b884872a195939d21d07f1384cc7928d.js?1&dmpguid=633d10e00a26414069625101&adwuid=633d10e00a26414069625101&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=633d13e10f06978647990549
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:06 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains; preload
Content-Encoding
gzip
x-render-time
3.69
Server
openresty
Transfer-Encoding
chunked
x-adwsegments
{"r:100842:iprange:1":1}
access-control-allow-credentials
true
Connection
close
Access-Control-Allow-Headers
*
/
quitzon.net/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quitzon.net/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
bashirian.biz/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bashirian.biz/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
franecki.net/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://franecki.net/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
buckridge.link/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buckridge.link/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
/
0qq20ey4fo5veh0t.wisokykulas.bid/r/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://0qq20ey4fo5veh0t.wisokykulas.bid/r/?auid=633d10e00a26414069625101&p=633d10e00a26414069625101
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.159.92 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://friends.in.ua
Date
Wed, 05 Oct 2022 05:04:06 GMT
Access-Control-Allow-Credentials
true
Server
openresty
Connection
close, close
Access-Control-Allow-Method
GET,POST
0cebdb31bcc8cbf9d7da8a95e22b5982.js
franecki.net/assets/pack/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://franecki.net/assets/pack/0cebdb31bcc8cbf9d7da8a95e22b5982.js?1&dmpguid=633d10e00a26414069625101&adwuid=633d10e00a26414069625101&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=633d13e10f06978647990549
Requested by
Host: franecki.net
URL: https://franecki.net/js/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:06 GMT
Strict-Transport-Security
max-age=86400; includeSubDomains; preload
Content-Encoding
gzip
x-render-time
31.72
Server
openresty
Transfer-Encoding
chunked
x-adwsegments
{"r:100842:iprange:1":1}
access-control-allow-credentials
true
Connection
close
Access-Control-Allow-Headers
*
cookie.js
partner.googleadservices.com/gampad/ 		217 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=friends.in.ua&callback=_gfp_s_&client=ca-pub-1034840951493578
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0e1c15d159d08a6083b8c9e50b6f08308a348106bf60b385300761cb816574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1D48 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1664946246&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664946246374&bpp=3&bdt=772&idt=338&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6510274249015&frm=20&pv=2&ga_vid=280957019.1664946246&ga_sid=1664946247&ga_hid=996524046&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767667%2C42531705%2C44774605%2C44773747%2C31068921&oid=2&pvsid=1761487809210438&tmod=1979612422&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=418
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:04:06 GMT
expires
Wed, 05 Oct 2022 05:04:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
t.js
sholke.com/ Frame 35F7 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0627e2de3ed07693664eed5c932c94daed9d98b3f10043914b93c34b83e8627c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:46:57 GMT
x-amz-version-id
dA4Fe8HVqWzJ0kdxW9pTboxBQT4XyDQO
content-encoding
br
last-modified
Mon, 03 Oct 2022 09:57:56 GMT
server
AmazonS3
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
etag
W/"1f8bcab833fd358cdd3a0188d9bf9292"
age
73030
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JjB8T2z6vod8nBHJ0pCt8eNiB_NJcFp_7L59HPpbtVGOxtrh0wkvgw==
t6vjtkugvap61lmhzkwwc.json
sholke.com/c/ Frame 35F7 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sholke.com/c/t6vjtkugvap61lmhzkwwc.json
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a98859a06a5d54bc094c0d0c65c42972c38eea07c5c9f3b3fdba600ca35fe69c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:55:59 GMT
x-amz-version-id
TyzjzRKNL5iNtXNTfF2YuqIxHdmPS61v
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Sun, 02 Oct 2022 19:00:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
72489
etag
"b2a12e7633668011df064a417992127b"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
content-length
1285
x-amz-cf-id
FZSzXFJwXaHdoo5I-mE8foCZJa_VohF_ITKXBCUfPjx29g5-BdFSZQ==
watch.js
mc.yandex.ru/metrika/ 		159 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3d2c19c70416e84216783738fae9623c624eb7049c401bd90b218f3f5646d7f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 04 Oct 2022 10:25:54 GMT
etag
"633be002-dfc5"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
57285
expires
Wed, 05 Oct 2022 06:04:07 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91b6795f67761fdfd9a0953af510ed66f0e0d42ca3157c71200030bffba91393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42404
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:04:07 GMT
video.css
aurabom.ru/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aurabom.ru/video.css
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.224.112.249 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde377-2.fornex.org
Software
nginx /
Resource Hash
892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:07 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"688f-KJGOmg0i5xsU4jAsDLZ+fw"
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Hostname
dsde326.rotator.viboom.com
Content-Type
text/css; charset=utf-8
Connection
keep-alive
pixel.js
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946246998
  • https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946246998&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946246998&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
a65970eb3bbac287ee9adc7ec325dc9ba71df20c00df16e6aed8aa92f1f7b637

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 05:04:06 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Wed, 05 Oct 2022 05:04:06 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
last-modified
Wed, 05 Oct 2022 05:04:06 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946246998&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Wed, 05 Oct 2022 05:04:06 GMT
/
aurabom.ru/video/get/ 		202 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aurabom.ru/video/get/?platformId=101909&format=3&overrollType=embeded&sig=31aeb6078a58f6d2&data=%7B%22shown%22%3A%5B%5D%2C%22errors%22%3A%5B%5D%2C%22dimentions%22%3A%7B%7D%2C%22referer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22origReferer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22location%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22n%22%3A0%2C%22lang%22%3A%22en-US%22%2C%22title%22%3A%22%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS%22%7D&vbmuid=f066c4adb2048ac01caf6e9cf8fac0bb
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.224.112.249 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde377-2.fornex.org
Software
nginx /
Resource Hash
8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:07 GMT
Server
nginx
ETag
W/"ca-2ZN5lu9UKj1bfipcdO3KEw"
Rotator-message
video: no campaignAccess, code: -11, msg: undefined, format: 3, platformId: 101909, rtrCampaignId: false
X-Hostname
dsde326.rotator.viboom.com
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
202
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 01E7 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75b79012e2d2d2600ec7f91783f319aa75d867e7feabccd943045af6fcf2540f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27720
x-xss-protection
0
server
sffe
etag
"1354 / 872 of 1000 / last-modified: 1664921228"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Oct 2022 05:04:07 GMT
prebid6.28.0.js
hb.adpone.com/ Frame 01E7 		401 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.28.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ca4233eefee59f7a233f8c2f33000cd3211d91006bcfb6818c20da79d2b1918

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
x5L5JdEDG5On.qeaBIFlrpEiCcjiPsIi
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1WK9F5SGH4H8HNFE
age
3879
x-amz-id-2
e9WQKgJ4P5rK1R92PCMK6vZNhe90CSF9YlhQVLMuV27wSP4RgNYzabJPpgwtuWpA4tm4xX/fC+o=
last-modified
Thu, 01 Sep 2022 08:38:40 GMT
server
cloudflare
etag
W/"94ea378b0eaeec94d5e74f26642abb74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbPMhdfx7RHQ5H3YNxAu9qSlJ2xmoiIAjEZ%2FhQNG%2FEhcGldHxxjeU1JZmmBE4Q0gWfN99edcOUVVJnTTmLFv2pRg%2BkLknAYe62cs8QtB%2Bh0obZg1Sh8ubsmmGTZ8DI41US40B820NUvmItM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5d9fc7e630-LHR
p.html
sholke.com/r/ Frame D4F0 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=shkmyqoh&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
8JqXmGFnW4-SPVOeujFd9KAlf97UBn95yIk-wNcIOCFp2V2oLPzNCA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 082A 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=geafdakmvm&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
8LKLd6xoZ-usVQUEkWTuLKWauo9QbYWBn49qYar4kyIIT2PK-_uTzA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 6B06 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=jbsaxzrm&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
uIHtdK0-wGACXTDSgbzbaOb7gouzyfRz0yk2PsiRUjC4oHYZZdTxKA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 3619 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
ccID_HSDtlPhl05PScbkLsk7T22q1wj0t9DTYTMzboPwKHrJM4P2RQ==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 15CB 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=cbafbqyzha&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
SQplVJWUbblDBk_Bk1zPwbBsdOj_k7xMp_ooBsk4j8b6okCFs_CiEg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame FF4F 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
hhiGTRbLz8iDNUENQCiYi2YD-Clm8GJFnw8H85PT7xVDSEAlVzMlRQ==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame A55D 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=fklemz&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
RrV7X6uUSS6c8kc5iYm9PznuqPGvzcYzQNlMrhDzTJVelvzbRFhOjg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame BC30 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=gymqprfj&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
u0NXNBort7fvZfV0-pZfRfIpXyXKiYx7q7SggoyUHQ3eYkiWghrGZA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame FCBF 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
IWquUZEgG5niKb71dA2h_JgdnFyUXzMbnX_3TyU5h5axWnnqLzxsiw==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 4106 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=tlmpocx&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
Mmb9pWgwZbU4paZ1UmZSwQvtX2Z9i7fBjvyTOWPb0TOF6OR-3KcscA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame C7D2 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
S9wOZGVYMHGe-IAoVpc456PBhYmDHh6_Bu6DpUWaBwivxbtQ2xZafA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame C9A9 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
ISNRHscDmlhWFFjNMS7QL4mgtDoHdmFrGrMrAj1eLzjwoC91sK7nkw==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 1069 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
dAG0BURiDabXZot0spczEzb-uj7DGO4jeSGn43GaY_NoB_u-n5a38w==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
p.html
sholke.com/r/ Frame 9231 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sholke.com/r/p.html?f=deriin&e=1786821995930
Requested by
Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3932261664946246815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73031
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 08:46:57 GMT
etag
W/"5cf55433b12622d72185936eb7379e13"
last-modified
Wed, 08 Jun 2022 20:58:01 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
XhaQtB3Gp42qEVWKAPO_lVF5-P_xQux1zlTmN4bjtt8eEnBwZw7DLg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache
Hit from cloudfront
b
mxtads.com/6238012052/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mxtads.com/6238012052/b
Requested by
Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.196.39.165 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6845b6896e74c6be8da223ccf09aa5556c1bb53bd3b947c1f91408e8df31871f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
private
Date
Wed, 05 Oct 2022 05:04:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Oct 2022 05:04:07 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=0
Connection
close
Expires
Wed, 05 Oct 2022 05:04:07 GMT
prebid6.15.0.js
hb.adpone.com/ Frame D4F0 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=shkmyqoh&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhnV2QK9qobD2SIdTYf8GPo%2Fr6JfWZGivfWdLMXFDwqlOAtPCnFMwuzLT0ZDU0Rjq3QQM%2Bz%2BQ3PqtWjid8OhOoRi6wG98q%2FrxBsTnt%2FLKR7NRzHNG%2Bzc5p%2FmnwJlM4jN2Qkz4uA%2BM8Y%2BvJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5e4ffae630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame 082A 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=geafdakmvm&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYLTfOJVVpOLDryPB6fIc0dVui3vUw1vhJNqvYzVxIgkiZlBLvpWwjMINJdosJ80YHjgn55sumP1HAkusFizbQKe%2BhEsmKNpxr2tfzh5Hha4Mhii8s0KbHKKdGEREDL%2BqNHitUL%2B32maizQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5e5802e630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame 6B06 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=jbsaxzrm&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvohLUA9FfSwPUc1yWv3a8SOGGLNakNQ88c%2FAvlxZAKQylPd8hf2x8Ug%2BvEBLRCnIu3QtbEab2NNEzHULv7foxJtMfRZqNeBpVp%2FaQ0wqKqo6dhcqh%2F7pAFynGcGEKwkWGwrbMwQ6DnBX6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5e780fe630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame 3619 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wv2ZiNqDGlP31ymwMNx2okwpwpP%2Fjy2501%2BJhE%2F9XKiEc0ieWrqAFi6oKsJpB6xOljAhhmG8E3KeWhHzfYHn24ydnwjrG2AFgdRgAIPN%2B8nYNsMTBcpwfmuZl30qzkNN5UlAmI%2F4kQbDNak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5ea82ae630-LHR
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=996524046&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=449182672&gjid=2141302497&cid=280957019.1664946246&tid=UA-57015589-1&_gid=749856625.1664946246&_r=1&gtm=2oua30&z=1700110592
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 03:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6490
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 05:15:57 GMT
prebid6.15.0.js
hb.adpone.com/ Frame 15CB 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cbafbqyzha&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4xKoLVH4NO%2FiWYwYj3orZZEoPW0SOz9png9r6XmWDynMx90P6yG7mgNZkm0nxsTTElpN4vSH71lrPWbBf1c85IGjcviIoENlUPShw%2BqZEkMRJK%2FH9NHp8GHcNYts9zQXfaEuFNLztf6jsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5ee843e630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame FF4F 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gSOqxoo%2FE%2FBZTK99QmK27HC9w8EM%2FZhbTC0%2F%2FrO6%2FrbdZSR0oG1iU4tP%2FOGnDnqX9ooP7PuM7uoY%2FTLxU2JGLMARTRtfG4zwvVgfN5iv2pSz4Kj9NN1ouXcnrZBXUYAZRYp9beb6xIkkTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5f1853e630-LHR
cdb
bidder.criteo.com/ Frame 01E7 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.28.0&cb=71912382972
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://friends.in.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 01E7 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.28.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b25afe836fe01228950b19da4d18283305bf86d810c9c29f1aaa0b54987c098e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:07 GMT
AN-X-Request-Uuid
a4ac7f8a-0581-49d3-9e29-8b2343f840be
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://friends.in.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 01E7 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.28.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://friends.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://friends.in.ua
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
1
mc.yandex.ru/watch/36124145/
Redirect Chain
  • https://mc.yandex.ru/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1080%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.ru/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1080%3Afu%3A0%3Aen%3Autf-8%3A...
439 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1002476763303%3Ahid%3A19899889%3Az%3A0%3Ai%3A20221005050407%3Aet%3A1664946248%3Ac%3A1%3Arn%3A258156370%3Arqn%3A1%3Au%3A166494624878543126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C88%2C607%2C42%2C110%2C0%2C%2C753%2C19%2C%2C%2C%2C1601%3Acpf%3A1%3Ans%3A1664946244793%3Arqnl%3A1%3Ast%3A1664946248%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8cb9f3311deb33c6fa63d01af5dee7bc21943abf45f767093d8587c7210757ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 05-Oct-2022 05:04:08 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://friends.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Wed, 05-Oct-2022 05:04:08 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 05-Oct-2022 05:04:07 GMT
location
/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1002476763303%3Ahid%3A19899889%3Az%3A0%3Ai%3A20221005050407%3Aet%3A1664946248%3Ac%3A1%3Arn%3A258156370%3Arqn%3A1%3Au%3A166494624878543126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C88%2C607%2C42%2C110%2C0%2C%2C753%2C19%2C%2C%2C%2C1601%3Acpf%3A1%3Ans%3A1664946244793%3Arqnl%3A1%3Ast%3A1664946248%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin
https://friends.in.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 05-Oct-2022 05:04:07 GMT
prebid6.15.0.js
hb.adpone.com/ Frame A55D 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=fklemz&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SH2QnjJfZS8hLB9KkefQabq7UKCeTbJYeHPY0NfJ1MPmWaYjHTOHdZHW%2FugI7bM4Mqe%2FlcCeq374goT0tK9%2F9KjnJx%2BSZaNKVPNJtsyQQHz40CgxRPBmbJTPB3lv0k2As%2FPmzTFv%2FPfpxAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5fb888e630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame BC30 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=gymqprfj&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAQ2VspkezWXnOOELNrEfsR3VGHsHYMSj%2BQRsQbj7%2BpFlyKia51eE4ZQQ1t2LKQ3%2FHIZjU0WkMFS0uB2e2y6dhLfn05C6btnJ%2BSmxpu4BuGt4Nh0y59DAPxY9s8pY8JX%2FIy2LaY7Bt%2BiB6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5fc890e630-LHR
pixel.js
x01.aidata.io/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946247655&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=
Requested by
Host: x01.aidata.io
URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&v=1664946246998
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
2228a0b683bc8f4fb23a7ae799d6d6a0effc8143b0d4cff7d0f74f5c30ab5717

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 05:04:06 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Wed, 05 Oct 2022 05:04:06 GMT
prebid6.15.0.js
hb.adpone.com/ Frame FCBF 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PLugw%2B9%2FBqhVix9zlF5TkAd22ZdNhwBfKJ9uGTPSgaHKhvrdnT1G%2BY9KjrDhp2D8AflonazvMDu4BAFxhvVyEr1gcNKhpIiS%2BrcVML%2FXKJ3ZqMcVzrg78vjJ0ZDbbp3SZROBqNxSyaJZ58%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d5ff8a4e630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame 4106 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=tlmpocx&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IyQheL0jTKcY7lO77kFPVpFgiM9KTRA%2FqAvkJTE4v2Q%2FJHRw9RFvtG7Cqai4sI9J1r9eltjPeF0ZgPSGyTQ1Q%2FMiOn0Ek0sJ8ANv5wiyF21jQcWHkRxGv6uBS3t%2FAMHxKBpuhHOG%2FP4G%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d6058cee630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame C7D2 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTeLBv7nl6Rnp3wmzm%2BIk42I8rE4WC8NwIdXiiW%2FVwnS1%2FFpN41hqBSRHIeAJ0KZKBKxTWlMMi8YecA3pr0%2BwDEt0saxBUrukrc%2Fpsb5WzXvUX6gMmK%2F3dffusnaEpfgkTB91X%2B2qSKanIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d6068d2e630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame C9A9 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJL9dRFK%2BXm7T%2FBfrHi29ae075jz%2FnuCkE2PcyFqpHDBmehi8EshwmCA5jzsE1dKCFUBDqShXG%2FkNBqno4wFVeMW6f9WJ02EVcsGVCNyrWd40KL8QAiJ4c5%2B7Wui3EXtAmbO%2BtKgY5FxRIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d6078dfe630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame 1069 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNBSM0Gawioco9m2GMxyzZJnU2Fj0NRODfO7ih2VNRLs%2FSCc%2B%2BT6ebEZ63%2Fkr3264yuRgyZ4YSZ3uaTeq4enHLg7zrRpSKk%2Fe7J7ImjEGxIEbtve%2B76Nm2%2Fm%2FokYfWTjDwevc%2BYE%2FXyPzOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d60a8ede630-LHR
prebid6.15.0.js
hb.adpone.com/ Frame 9231 		368 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid6.15.0.js
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
x-amz-version-id
xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EMZ5Q9SASTZY4Y5Q
age
6437
x-amz-id-2
rtqE7lSkD1Qq7flBk9KK0SyWpIRb+pFWSUiTgEch/lh71SSXtK2DENw5qYHEdf4VgYuw05pJ/jY4xi8INZEGOA==
last-modified
Wed, 30 Mar 2022 09:13:54 GMT
server
cloudflare
etag
W/"ead6e8c23bf835688215d35a6b357336"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h31njRBBg4rjyOna4DkY0pGBsU04VYLGFVvInMUFN6f2X5oe6lM5bm4iyO7doKKqkiXRzLzI%2BvgiaIlQBcLJ2i%2FkuGcFYGtBI6%2FeSYvVDFuOJLsQnhAEDPuNK%2FVM3n6PjYRL1k%2BqvUAUunE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75539d60f90be630-LHR
pubads_impl_2022092901.js
securepubads.g.doubleclick.net/gpt/ Frame 01E7 		376 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 11:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130415
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 08:35:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Sep 2023 11:05:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 01E7 		73 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=friends.in.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Wed, 05 Oct 2022 05:04:08 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 04 Oct 2022 10:25:54 GMT
etag
"633be002-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 05 Oct 2022 06:04:07 GMT
v1
prg.smartadserver.com/prebid/ Frame 082A 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 082A 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=50766868938
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 082A 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
defb36c068311c70e18e287848d67e949bf28231fbda84f8195230af93264ffe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
48e05497-4d7d-408d-b854-47fc2756f9b6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D4F0 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9ca899b0ece9e303d13aa03a73f1e0506537e2a9c3d4eaa17ec74b626944afc0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
57f80edb-ca7c-4c56-a3c5-a5ea0d712945
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame D4F0 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=91108730748
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame D4F0 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 6B06 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 6B06 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
99f22b41ec6e96d685dfaad61b30fd290392a7533e58ce523dcf9eee53d459f8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4f2f31ae-dfe6-4443-a9f7-fa4ba92c4769
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 6B06 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=46724491350
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 3619 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7d3a7e7199b391db7fb524f30850024e5d78d0cc0351b6b19d64df33c054c2dc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e3fc9db9-4b1a-4a8d-a88a-ae38b537f89f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 3619 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 3619 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=13720898895
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame FF4F 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame FF4F 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aa7b6be652ae0d71e1a84a2dc95aea3ba4882b51f947182450c860573ba56be0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a60b6c74-747a-4d54-87c1-1c6fd0b5bbf6
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame FF4F 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=69588402420
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cdb
bidder.criteo.com/ Frame 15CB 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=12378427110
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 15CB 		138 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eb3a9257c5a34558ff23fc6805d348b2b173f77d971f0f1ac116abb213bf314a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
a5917b0a-10ab-4658-96e4-dfa500d3ca35
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 15CB 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame BC30 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=27299032349
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame BC30 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a75c66f062272ef990890d3c3f5512acd5b226d96ff6b681be45940bbfd5e34
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
5a38ba4a-bd53-4cfc-932c-49d0ab7c8d7d
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame BC30 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C7D2 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f503f946755018ce89f4d10e137a20764541934ab6f84151b3f5a753046c07f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eb33eb32-5346-4355-bd94-ffba5c9f94da
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame C7D2 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame C7D2 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=76402571254
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame A55D 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
363ccdf06428224471488086dcb2003cb37375978a93cee3dc0f04536d4a0de6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
54ce9b9c-0559-4715-8fb2-f1563a9d8000
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame A55D 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame A55D 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=87654715093
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 4106 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 4106 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=61375309925
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 4106 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
25e06362bf019c5bca6144ff1f865cd9d4b6dc71961b63f102f00ac3dc47dc44
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
3320708b-75ad-4f64-9934-6951bcd682bc
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame C9A9 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame C9A9 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b0f87452b6c5dfe646057214eec42f400d6f9e8597a9676f633de1838b359f2d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2532874b-910f-46e5-ae35-3b1735497140
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame C9A9 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=22198188947
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame FCBF 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame FCBF 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7258e5031b7e0c11836aa6f93982492a25dbb5aaa757eb580257ec1fbc1d9cb0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bb49a6ab-4641-4168-b5f6-f5564969dcd9
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame FCBF 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=26534177279
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
v1
prg.smartadserver.com/prebid/ Frame 1069 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:07 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 1069 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=78199270777
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 1069 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c5008a39ea338d4746654aabff5c6cc84f1f2dfebe07c0235b12f3684ff61951
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
af7b1913-6ee7-421a-81ce-82e5c89dc212
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9231 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
53ed2416e0f25590e6b400cf443e06615a0b40cddbf5a90eda5cead01b78c4b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3092eed6-b705-43f9-87fd-15333ff2284a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 9231 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sholke.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 9231 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=54232403159
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:04:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://sholke.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a97341f8b59d56b7c3e87a0370d63376122b0c9d680a1e20f15870d7d4bd83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11125
x-xss-protection
0
stats
x01.aidata.io/ Frame 79F6 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/stats?pixel=VIBOOM&v=1664946247655&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=760581a50189438f87e4cc5160cb15cd&__upin=GUhsHCRIUb7W4q27fB+pkQ&id=f066c4adb2048ac01caf6e9cf8fac0bb&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
server
nginx
0.gif
x01.aidata.io/ Frame 79F6
Redirect Chain
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Protocol
H2
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:08 GMT
last-modified
Wed, 05 Oct 2022 05:04:07 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Wed, 05 Oct 2022 05:04:07 GMT

Redirect headers

Location
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date
Wed, 05 Oct 2022 05:04:08 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
324
Content-Type
text/html; charset=iso-8859-1
pixel.js
x01.aidata.io/ Frame 79F6 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&url=https%3A%2F%2Ffriends.in.ua%2F&v=1664946248204&is_js_referrer=1&es_name=GA&es_uid=280957019.1664946246
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 05:04:07 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Wed, 05 Oct 2022 05:04:07 GMT
pixel.js
x01.aidata.io/ Frame 79F6 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=f066c4adb2048ac01caf6e9cf8fac0bb&url=https%3A%2F%2Ffriends.in.ua%2F&v=1664946248204&is_js_referrer=1&es_name=YM&es_uid=166494624878543126
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 05:04:07 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
application/javascript
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Wed, 05 Oct 2022 05:04:07 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 01E7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 01E7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 01E7 		574 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3852460161047042&correlator=4107176477551089&eid=31068458%2C31067826&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fifs&iu_parts=21671350435%3A22643588514%2C300x600-friends.in.ua&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=651839845&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie=ID%3D2b344166dd3221cf-2258acea3ace00cb%3AT%3D1664946246%3ART%3D1664946246%3AS%3DALNI_MZWrsLZsXhHQRID5EasKBwARUkmfQ&abxe=1&dt=1664946248262&lmt=1664946248&dlt=1664946247125&idt=1110&adxs=1115&adys=100&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=rvr533yw7hou&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ffriends.in.ua%2F&ref=https%3A%2F%2Ffriends.in.ua%2F&top=https%3A%2F%2Ffriends.in.ua%2F&frm=23&vis=1&psz=300x600&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=280957019.1664946246&ga_sid=1664946248&ga_hid=171372741&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4583b20b71a970b8b8c1b628041b948635a6a06bb8d229c51046376dae3c80f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
308
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://friends.in.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 01E7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b62e41470c1ea230f6c98660f2fd4f8f43a2617762988c848d78b46aeb669c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11129
x-xss-protection
0
container.html
9a542a62a474b891d7e38d3a57fb71a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A24D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a542a62a474b891d7e38d3a57fb71a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:04:08 GMT
expires
Thu, 05 Oct 2023 05:04:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 40AE 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
309fb9d17db1beaf94bbdbc62c9a6d764b7574af63db15442c19a5257a038327

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Wed, 28 Sep 2022 05:11:20 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
85955
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
42434
X-Served-By
cache-lga13622-LGA, cache-lcy19263-LCY
Last-Modified
Tue, 13 Sep 2022 17:35:58 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1664946248.453430,VS0,VE0
ETag
W/"6320bf7e-1dca8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
6, 32560
durly.js
c.evidon.com/ Frame 40AE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame 40AE 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame 40AE
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=7333661205868930011&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.04438&bid_price=0.07973&ecp=0....
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10483eb8100001fef25f%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10483eb8100001fef25f&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=jbsaxzrm&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame 40AE 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19252-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946248.383345,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 104055
it
ams3-ib.adnxs.com/ Frame 40AE 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDbx4W3rsCZ42UYkN7ilYK4yI1iKjYJa1AYU-m4pj8RCu1sSV1goD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeM_0BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFmNENoZmdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3T0RUZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYRUw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRUnowY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAUkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwODTaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NTkwNLgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxPeFBsQjFrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXSkF1Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHz_QF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=92b53c4a98f4f6454a6f60a39ab8a45ae540bd6f
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
6afa8cac-c704-407c-bb88-8e0ddfee197f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame 40AE 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=7333661205868930011&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423894
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
bsredirect5.js
rtbcdn.doubleverify.com/ Frame B951 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_500470871311
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame B951 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame B951 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame B951
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=1020635960482417400&tag_id=21752842&creative_id=337423897&creative_size=300x600&reserve_price=0&price_paid=0.050271&bid_price=0.07973&ecp=0...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d104895adfc000177fe39%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d104895adfc000177fe39&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame B951 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19229-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946248.383832,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 846335
it
ams3-ib.adnxs.com/ Frame B951 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhD4la3s-d-BlQ4YkN7ilYK4yI1iKjYJ4sm_lCe9qT8RTCjIfe-Moj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJnc8qABWIuylQFgAGj-4LABeLDxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeADByJywgMzM3NDIzODk3Nh8A8LCSAuEEIXVJQkRxUWltbmZvWEVKbmM4cUFCR0FBZ2k3S1ZBVEFBT0FCQUFFalJCMUNLMks4S1dBQmdtQVZvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QVotUkNiS0Y2N0Vfd1FGY1FjWmdGbW0wUDhrQkFBQUFBQUFBOERfWkFiaFlVWU5wR093XzRBSGQ3SVVDOVFFcFhJODltQUlBb0FJQnRRSUEBMwh2UUkBB9hBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNWENPZUx1eVFRQWhnQkxRBTvwYXlCMlJsWm1GMWJIUzZBd2xCVFZNek9qVTVPVGpnQTdndmdBU0d1ZmNJaUFUaTdxTUprQVFCbUFRQnNnUUtDTkQwNXdrUThOV2REYm9FR2dpRkJCR2FtWm1abVptcFB4a0FBBWc4QUFBQ0RqbU9VT3dRU2FtESAIOGtFARsJARhEWUJBRHhCCQ0FAWxpQVh1THBBRjg3d3hxUVgyWFJIOGJ5WHdQN0VGBSEFAUBEQkJleFJ1QjZGNjdFX3lRVQUWFEFBRHdQOTIoAAhaQlENG_BDUEFfNEFXbFB2QUYyc095Ql9nRm00X2dBWUlHQTBkQ1VJZ0dBSkFHQVpnR0FLRUc3Rkc0SG9YcnNULW9CZ1N5QmlRSkENSwxBQUFSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIVVSekhkZzplAixJdXlsUUVnQUNnQU0dzQxPZ2xCOZFAaEF1QzlKdUZoUmcya1k3RDkdeQBCHXkQQmhtcG0lYwxxVDlwCYEBAQRCeAEGCQEQQjRBSWs1bPSBAThEOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwNqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA05NzcjQU1TMzo1OTk42gQCCAHgBAHwBJnc8qABiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg8xMDI2NCNBTVMzOjYwMDS4BgDBBgAAAAAAAPA_0AblAtoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBoIBCPO8MRJ8bnhOQkdsa0FBQUFEQUFrQ0JRRUltNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqWTlmUURVTGd2V1BRdWNRQUFBQUFBIZYQZUFDQkFRo1hBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gAJCABwGIBwCgBwG6Bw8IABAAGAAgADAAOI8JQADIB7DxBdIHDQkADboBHgjaBwYJJ2jgBwDqBwIIAPAH7pdLiggCEACVCAAAgD-YCAE.&s=8248f1129ab1bce89437dfcdb2f22b949626258e
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
16bf58fe-aac1-4859-942b-41d62adead58
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame B951 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=1020635960482417400&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423897
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
bsredirect5.js
rtbcdn.doubleverify.com/ Frame 3830 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_102797483882
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame 3830 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame 3830 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame 3830
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=2202376199574566737&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.041434&bid_price=0.07973&ecp=0...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d104895adfc000177fe38%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d104895adfc000177fe38&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame 3830 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19221-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946248.398601,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 862100
it
ams3-ib.adnxs.com/ Frame 3830 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDR7qrrwa-ayB4YkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLHzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZb0RsYkFpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TlRiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRQnlyY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwNTbaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA2N7gGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxYeE9BRGxrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXTE12Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHsfMF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=a0ddabc4c41de53e16ecf47a2a622f01f810db1e
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
a74ba7c3-d2d2-4f96-999e-6bc044d957cb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame 3830 		43 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=2202376199574566737&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423894
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 01E7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:08 GMT
bsredirect5.js
rtbcdn.doubleverify.com/ Frame F1F1 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_684878505973
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame F1F1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame F1F1 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame F1F1
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=361279077131230550&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.056163&bid_price=0.07973&ecp=0....
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10488f60350001844ee5%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10488f60350001844ee5&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame F1F1 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19252-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946248.421756,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 104056
it
ams3-ib.adnxs.com/ Frame F1F1 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDWusCJga3hgQUYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeIL2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFtb0E4aXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall4TWpEZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQE8QzRCZ28umgKZASFPQng2Yj5lAixJdXlsUUVnQUNnQU0dzQRPZy6RAUBCQXVDOUp1RmhSZzJrWTdEOR15AEIdeQxCaG1wKWMMcVQ5cAmBAQEEQngBBgkBEEI0QUlrNWz0gQE4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjEyMNoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYPMTAyNjQjQU1TMzo2MTI2uAYAwQYAAAAAAADwP9AG5QLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaCAQjzvDESfG1oTlZHVmtBQUFBREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldPNHZjUUFBQUFBQSGWEGVBQ0JBUaNYQUFBaUFFQWtBRUFtZ0VDQ0FDb0FRQ3guIACQgAcBiAcAoAcBugcPCAAQABgAIAAwADiPCUAAyAeC9gXSBw0JAA26AR4I2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=5e24dd44e9a9d99c63d47dcab3eedad5954ed6fc
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
f5797e4c-c01f-4b3d-be76-5bcfba28c4cd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame F1F1 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=361279077131230550&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423894
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sholke.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 05 Oct 2022 05:04:08 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 40AE 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sholke.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bsredirect5.js
rtbcdn.doubleverify.com/ Frame 40AE 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_750141063520
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame B951 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_500470871311
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame 3830 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_102797483882
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame F1F1 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_684878505973
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 567F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
33199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 19:50:49 GMT
expires
Wed, 04 Oct 2023 19:50:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EED9 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3d0f082a00a8246b6d228e59fb7648b54977c7c9ed91e576f2b445c9e349869
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zOvbIsYcA6ZxmAm_bzpL6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-zOvbIsYcA6ZxmAm_bzpL6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:04:08 GMT
expires
Wed, 05 Oct 2022 05:04:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bsredirect5.js
rtbcdn.doubleverify.com/ Frame F062 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_444826284428
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame F062 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame F062 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame F062
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=4060561551230475910&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.056163&bid_price=0.07973&ecp=0...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10488f60350001844ee9%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10488f60350001844ee9&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame F062 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194257
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19252-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946249.564633,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 104057
it
ams3-ib.adnxs.com/ Frame F062 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhCGvc6N-eaArTgYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLfzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZNER2YXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TmpIZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXdEw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQQnlVY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFARkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwNjHaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjAwMrgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxuUlBqR1ZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXUEl1Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHt_MF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=7d951d7160101c764c36e282f94ee8baee543603
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
e89853ff-f524-4ddd-bc26-7e0f72fad4a4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame F062 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=4060561551230475910&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423894
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
bsredirect5.js
rtbcdn.doubleverify.com/ Frame 7395 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_716163031507
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame 7395 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame 7395 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame 7395
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=6206491701015862126&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.041434&bid_price=0.07973&ecp=0...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d104895adfc000177fe40%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d104895adfc000177fe40&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame 7395 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19221-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946249.570021,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 862101
it
ams3-ib.adnxs.com/ Frame 7395 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDuttejmer4kFYYkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeO3wBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFwb0RKa2dpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TURUZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYMExwQUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFPUnk4Ync6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAUkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwMDTaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjExObgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxreE1NR0ZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXT2N2Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgH7fAF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=585bff7c37a7bde8852ddbb9b81ced14b0470b96
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
137d6d33-2472-479b-90e6-ced08b961dee
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame 7395 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=6206491701015862126&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423894
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
bsredirect5.js
rtbcdn.doubleverify.com/ Frame 0776 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_434043063280
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame 0776 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame 0776 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame 0776
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=5019200188778785509&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.041434&bid_price=0.07973&ecp=0...
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10483eb8100001fef267%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10483eb8100001fef267&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame 0776 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19229-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946249.588786,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 846336
it
ams3-ib.adnxs.com/ Frame 0776 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDl1e6lqf_x00UYkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeJryBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFRb0FtV1FpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TWpiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXS0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQUnpXY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwMjbaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA4MLgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxiQlBqRUZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXTUF2Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHmvIF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=8447fd1294ab3469a6583a33167ab03f65e9b992
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
d7e361dc-6287-4ff7-aa81-ba6d8b9e9314
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame 0776 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=5019200188778785509&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423894
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6248 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
33199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 19:50:49 GMT
expires
Wed, 04 Oct 2023 19:50:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E7D6 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eb9e53d22eac938bc21678a0fcd30d0f279e0b4d6fdae9f87d79cfe1ee4afcc7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-71l0MXqbtoLpEuwVRZYgVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-71l0MXqbtoLpEuwVRZYgVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:04:08 GMT
expires
Wed, 05 Oct 2022 05:04:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame 40AE 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
verifyc.js
rtb0.doubleverify.com/ Frame 3830 		447 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462199&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_102797483882&jsTagObjCallback=__tagObject_callback_102797483882&ssl=1&refD=2&htmlmsging=1&guid=1664946248584926&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.30&dvpx_strhd=0.30&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=4.40
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
600612fe49e1e39ab8ccff7d0f5261e65e810c008ab71b8a8dd4901ac8f8cdbe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
verifyc.js
rtb0.doubleverify.com/ Frame B951 		447 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462202&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_500470871311&jsTagObjCallback=__tagObject_callback_500470871311&ssl=1&refD=2&htmlmsging=1&guid=1664946248605421&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.20&dvpx_strhd=0.20&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=4.00
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
32a9235b760199923caee53c00c27522b9a7344ec5e7547ec84e69834a5d37b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
verifyc.js
rtb0.doubleverify.com/ Frame F1F1 		447 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462199&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_684878505973&jsTagObjCallback=__tagObject_callback_684878505973&ssl=1&refD=2&htmlmsging=1&guid=1664946248630614&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.20&dvpx_strhd=0.20&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=2.10
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
8ecc93ad96e703f108ae165143026978ee581790b7186af002102bcb536d6878

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame F062 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_444826284428
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
bsredirect5.js
rtbcdn.doubleverify.com/ Frame 85FA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_301443612361
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:08:56 GMT
Server
Microsoft-IIS/10.0
ETag
"c9b648bb97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
843
durly.js
c.evidon.com/ Frame 85FA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:38 GMT
server
AkamaiNetStorage
etag
"77eac3ea1e7d41656b54c0d2b88123bb:1664387318.736431"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
tfav_adl_68.js
j.adlooxtracking.com/ads/js/ Frame 85FA 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.187.24.88 , France, ASN16276 (OVH, FR),
Reverse DNS
js14.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Dec 2021 10:09:54 GMT
Server
nginx/1.15.8
ETag
W/"61b86d72-ffba"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Connection
keep-alive
px
go.affec.tv/ Frame 85FA
Redirect Chain
  • https://go.affec.tv/i/611cd427bc326a56c7c4e2d1?auction_id=7807471130944395031&tag_id=21752842&creative_id=337423894&creative_size=300x600&reserve_price=0&price_paid=0.04438&bid_price=0.07973&ecp=0....
  • https://map.go.affec.tv/map/af/?gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D633d10488f60350001844ef1%26chc%3Daf%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D%252F%252Fgo.affec.tv%252Fpx
  • https://map.go.affec.tv/map/an/7069281149188091664?ch=633d10488f60350001844ef1&chc=af&gdpr=&gdpr_consent=&redirect_url=%2F%2Fgo.affec.tv%2Fpx
  • https://go.affec.tv/px
43 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.affec.tv/px
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Protocol
H2
Server
63.32.155.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-155-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:08 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//go.affec.tv/px
date
Wed, 05 Oct 2022 05:04:08 GMT
content-encoding
gzip
content-length
71
vary
Accept-Encoding
content-type
text/html; charset=utf-8
trk.js
cdn.adnxs.com/v/s/228/ Frame 85FA 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/228/trk.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Thu, 21 Sep 2023 09:19:52 GMT
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1194256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29297
X-Served-By
cache-lga21929-LGA, cache-lcy19229-LCY
Last-Modified
Wed, 21 Sep 2022 09:19:38 GMT
Server
AkamaiNetStorage
X-Timer
S1664946249.670510,VS0,VE0
ETag
"8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 846337
it
ams3-ib.adnxs.com/ Frame 85FA 		0
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhCXrrvQi7TtrGwYkN7ilYK4yI1iKjYJa1AYU-m4pj8RCu1sSV1goD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeIf1BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFoWUIxZmdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall4TUREZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYVUw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQE8QzRCZ28umgKZASFOaHpzYj5lAixJdXlsUUVnQUNnQU0dzQRPZy6RAUBCQXVDOUp1RmhSZzJrWTdEOR15AEIdeQxCaG1wKWMMcVQ5cAmBAQEEQngBBgkBEEI0QUlrNWz0gQE4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjEwMNoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYPMTAyNjQjQU1TMzo1OTk1uAYAwQYAAAAAAADwP9AG5QLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaCAQjzvDESfGxoT2FHRmtBQUFBREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldPc3VjUUFBQUFBQSGWEGVBQ0JBUaNYQUFBaUFFQWtBRUFtZ0VDQ0FDb0FRQ3guIACQgAcBiAcAoAcBugcPCAAQABgAIAAwADiPCUAAyAeH9QXSBw0JAA26AR4I2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=a6b6e460735c4a958af244849416933cba5794ae
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
AN-X-Request-Uuid
bdcc5c0e-cb8b-4f72-b613-9b9fc8b79f9f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
t.illuma-tech.com/ Frame 85FA 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.illuma-tech.com/img?adv_id=3671963&auction_id=7807471130944395031&cpg_id=15507930&cp_id=0&referer_url_enc=https%253A%252F%252Ffriends.in.ua%252F&tag_id=21752842&creative_id=337423894
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.76.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-76-91.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 05 Oct 2022 05:04:08 GMT
server
uvicorn
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame 7395 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_716163031507
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame 0776 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_434043063280
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
verifyc.js
rtb0.doubleverify.com/ Frame 40AE 		447 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462199&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_750141063520&jsTagObjCallback=__tagObject_callback_750141063520&ssl=1&refD=2&htmlmsging=1&guid=1664946248657128&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.00&dvpx_strhd=0.00&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=2.10
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
479eb0a60fcc13a65e631985de2ff415d416c84f53265014a31cc12ca2c91e7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
bsredirect5_internal78.js
rtbcdn.doubleverify.com/ Frame 85FA 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5.js?callback=__dvredirect_callback_301443612361
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 11:09:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e054cc97bbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13172
verifyc.js
rtb0.doubleverify.com/ Frame 7395 		447 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462199&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_716163031507&jsTagObjCallback=__tagObject_callback_716163031507&ssl=1&refD=2&htmlmsging=1&guid=1664946248759416&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.20&dvpx_strhd=0.20&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=2.90
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
0c1e40e99923109f31cc5674720dd10ca5f757aeeccc60c750efede4054678fd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
verifyc.js
rtb0.doubleverify.com/ Frame 0776 		447 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462199&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_434043063280&jsTagObjCallback=__tagObject_callback_434043063280&ssl=1&refD=2&htmlmsging=1&guid=1664946248773812&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.20&dvpx_strhd=0.20&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=2.20
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
6ad1b5f4f6a16a10ce4cb2c275f4f3f3db4d5c1cf487d6abfb51894af4dda90b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
verifyc.js
rtb0.doubleverify.com/ Frame F062 		447 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462199&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_444826284428&jsTagObjCallback=__tagObject_callback_444826284428&ssl=1&refD=2&htmlmsging=1&guid=1664946248784941&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.00&dvpx_strhd=0.00&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=1.80
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
1eb7e2bcd2b65c17f5c658b19c297a4e8061f4c3f249ab09196179fb50473151

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
verifyc.js
rtb0.doubleverify.com/ Frame 85FA 		447 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verifyc.js?ctx=3758893&cmp=27157518&plc=326462199&sid=6603073&num=5&srcurlD=0&callback=__verify_callback_301443612361&jsTagObjCallback=__tagObject_callback_301443612361&ssl=1&refD=2&htmlmsging=1&guid=1664946248830173&nav_pltfrm=Win32&brid=3&brver=99&bridua=3&dvp_strhd=0.10&dvpx_strhd=0.10&m1=13&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&eparams=5G0FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&ver=106&dvp_exetime=1.80
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
18e618623f45775fc9cf4c362a7a226b1de8cde5117b858eb60e14cbb2a9a1ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:08
sodar
pagead2.googlesyndication.com/pagead/ Frame EED9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=1761487809210438&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E7D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092901&jk=3852460161047042&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
pagead2.googlesyndication.com/bg/ Frame 567F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 17:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15966
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 17:54:43 GMT
b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
pagead2.googlesyndication.com/bg/ Frame 6248 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 17:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15966
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 17:54:43 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame F1F1 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=759fe684b50d44adb6e412b19f5385d6&vfdur=230&cbust=1664946248865583
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:08
dcmads.js
www.googletagservices.com/dcm/ Frame F1F1 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 3830 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=d6de5d6693f647f3895493ab0aea61b3&vfdur=274&cbust=1664946248867640
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:08
dcmads.js
www.googletagservices.com/dcm/ Frame 3830 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame B951 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=aaf79a11d86b4d0a8e74eb996fe63221&vfdur=253&cbust=1664946248868257
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:08
dcmads.js
www.googletagservices.com/dcm/ Frame B951 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 40AE 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=a4ab27add13a4afc9211b5d5d888f931&vfdur=203&cbust=1664946248870247
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:08
dcmads.js
www.googletagservices.com/dcm/ Frame 40AE 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 7395 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=a71558e233b546378f4a683d29a277f0&vfdur=131&cbust=1664946248894746
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:08 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:08
dcmads.js
www.googletagservices.com/dcm/ Frame 7395 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 0776 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=d52b842ce98f4ee9a29157062b373903&vfdur=133&cbust=1664946248944490
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:09
dcmads.js
www.googletagservices.com/dcm/ Frame 0776 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame F062 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=83a1c36ae3be40b1b83bf13959c8d30e&vfdur=189&cbust=1664946248986841
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:09
dcmads.js
www.googletagservices.com/dcm/ Frame F062 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 85FA 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=3f126cf95c1048e0994fa0dd6ec0f132&vfdur=143&cbust=1664946248987253
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
10/04/2022 05:04:09
dcmads.js
www.googletagservices.com/dcm/ Frame 85FA 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rtbcdn.doubleverify.com
URL: https://rtbcdn.doubleverify.com/bsredirect5_internal78.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:30:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 6248 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?S15VbA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 567F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SUBNOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
impl_v91.js
www.googletagservices.com/dcm/ Frame F1F1 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 3830 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 40AE 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame F062 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 7395 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 85FA 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame B951 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 0776 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:00:55 GMT
B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=453182781;ord=zhj2ux;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3Fa1AYU-m4pj8K7WxJXWCgPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0PxfXDrqgtV...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame 85FA 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=453182781;ord=zhj2ux;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3Fa1AYU-m4pj8K7WxJXWCgPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0PxfXDrqgtVlsEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA-B8TjwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521NhzsbgimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYxMDBAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjEwMA%3D%3D%2Fbn%3D96903%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=220;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
99703aad857a9562216518b1aa196121c423c2af743156438ae2b1e30e9ac11a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27157518.326462199;dc_ver=91.268;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;dc_adk=2973613050;ord=bv6d83;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-al...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame 0776 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;dc_adk=2973613050;ord=bv6d83;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P-Wqu5T6x6dFEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPSLuZgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PRzWcAimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwMjZAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjAyNg%3D%3D%2Fbn%3D96538%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=205;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
d41883b69b87c3c0e651d52ff6d1b0b3510123b4d9b4af3de2f6c34cbef3917e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1203382775;ord=ks5lpo;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P27bdZRR4...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame 7395 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1203382775;ord=ks5lpo;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P27bdZRR4yFWEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAryAv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ORy8bwimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwMDRAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjAwNA%3D%3D%2Fbn%3D96365%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=241;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
4941d02cb94ba17abdab02b4baa3fe5a12cca24abf1675064914fc303ff11efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28224
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27157518.326462202;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1250990293;ord=q3qa36;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F4sm_lCe9qT9MKMh974yiPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P_hKi53_B...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame B951 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462202;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1250990293;ord=q3qa36;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F4sm_lCe9qT9MKMh974yiPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P_hKi53_BioOEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAZrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAvSHLcgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521URzHdgimnfoXEJnc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjU5OThAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NTk5OA%3D%3D%2Fbn%3D96432%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=221;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
216db878858f983f4aa17e422e00ff9fa80a9a50941f9f0e3f5aa4a77297aa56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28387
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1670905722;ord=w0bwx0;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P1G3ah18a...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame 3830 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1670905722;ord=w0bwx0;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P1G3ah18aZAeEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1B8qmgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521QByrcQimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwNTZAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjA1Ng%3D%3D%2Fbn%3D96689%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=284;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
5d3e78e83bad8162b08b4ab6c3e5f62b19c15973a51fe22855249a13d5f715d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28219
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27157518.326462199;dc_ver=91.268;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;dc_adk=1066843456;ord=8v6teg;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3Fa1AYU-m4pj8K7WxJXWCgPwAAAIA9Crc_l1CQg8prrT-al...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame 40AE 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;dc_adk=1066843456;ord=8v6teg;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3Fa1AYU-m4pj8K7WxJXWCgPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P9tj4eYCZsZlEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAwCDD0wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521QRz0cQimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwODRAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjA4NA%3D%3D%2Fbn%3D96847%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=278;prcl=s
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
84f86f662a5c1711ee6a5599ba05cf51a9383dfa460e43ad68c27acfab6fddf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28388
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=2677554848;ord=rnyjai;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FWUNn1mXBrD-OYyOygbmkPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P1YdMBFoh...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame F1F1 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=2677554848;ord=rnyjai;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FWUNn1mXBrD-OYyOygbmkPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P1YdMBFohQMFEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAqh6KPwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521OBx6bwimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYxMjBAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjEyMA%3D%3D%2Fbn%3D97026%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=331;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
90f31d7ec5f8ad1653805597c52a9223ac01fc437bda9cc6646edb8cef74b6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28243
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27157518.326462199;dc_ver=91.268;dc_eid=40004001;sz=300x600;u_sd=1;gdpr=0;dc_adk=2928284355;ord=txb1ve;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FWUNn1mXBrD-OYyOygbmkPwAAAIA9Crc_l1CQg8prrT-al...
ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/ Frame F062 		69 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;dc_eid=40004001;sz=300x600;u_sd=1;gdpr=0;dc_adk=2928284355;ord=txb1ve;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FWUNn1mXBrD-OYyOygbmkPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P4aes5E3A1o4EK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgANSAqxAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PByUcAimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwNjFAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjA2MQ%3D%3D%2Fbn%3D96695%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=277;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
e6306e70be0972a581fac53d7d114296d4e8d81cd56ac85c8018c9e4cc7bd510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 01E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092901&jk=3852460161047042&bg=!ICOlI2fNAAYQgTJdMIE7ACkAdvg8WtAon1svzSpQFWZG4KR6O93g-FC2alEX9sSRrBUvnHyRVqRwcQIAAACgUgAAAAJoAQeZAs_T9-2ojOZtHBwbKxxop3YsIu3TkCNO0xT4r4pWRnEteZjLy7fVqIn8kGKywNLwpCXHMbbXdUvrccmYNz3TRmKW13tvthW3i40JqWBBrSRUuAXPnc8xg3z-SqB_nDNFaksInrOzhaiqhkh5pGkCrLFv3uv5qH3KGXm65bo0x0Ql7gehXyALIs5U7mgybEPgu4WDpa_DOHdVcH5v4Mw0fo7tKk0ipFhtqOim33ofCUUwigWrZYJVw977wu4McEAUPo18HeGD6oDmtA9IFzD1ASjmvibxdRv1ytLLSGOOijkK0EVWtU8GuUpuBMGVtU1NKWjsXngRf8f5C7x8zjAblCQlKMSOut2lhEWCUv6YNqyor7G9j7NzjE2OQTyKexNbnd5_mHQn-af0npCnGJjXqRGpTnHITVrh4saGQgnwl6mPRG1l5j19qEAjQGhNd9HzZ-fwieKATk2d_mb9gkaegtpO2K2yxY1tGkR4DsWXZikKuRP_FAfxQkdKsggfZ17-ikxCwqwGeZTwGOef1FMNY_PFvaD_kMyOXCLpgzfH5nvFAi8STuPhnfytpDAoM-h9ItM-iaMv546Cv1eH31v860uU52Fvy9XwIKN819jGNEWak2jTr2H5N2o9fOXB-NxGmSchQxhAcUd3e6VWO5nItJ-caiJp3B79HxMxWMPirf-Pk7L3jP1WN-3N2gHBmq1UEag3-uMFTRCLukj6YxYqylvpBmVXZ_Iekc_qiLcaHGAJEpmZlfd743d6x_IJKyCZPCA9X_zvOZvlYRhGO7dCZ9_3mg_sCAJOiQV9IAI4WfX3a9OypUmNabeP9kIoxYLDRf-WioWXADxR0xw87_KjyMqH3ttlDX4ynJwyoDWHJjMlJpassTjhnFlq61UxDbAQWDhEiQuW54GXLIm6QU5QGmECCYl2Ei5pmA9BW5w6R9Qyv7jj27tItjMBYAaHtyprmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=1761487809210438&bg=!k5ClkNTNAAYQgTJdMIE7ACkAdvg8Wt8ZHiixDm2aEjguemAYhMS69snK5aHO5s8NWh6d9_kv5pD0GwIAAADBUgAAAANoAQcKAJfgGeaMvHxTqTiG0yXy1ipKYFKzEfsJ53aZDwHZRBrqEpL7hG1bEEaTuIPdUd_J3i17nbCvKCPijHQMw5aibmteN347aiGbzhFYEa_Re81VDKUb-U9S9KL8kA8QZt9sijj5zj93pON6lZkrYFTwwxLVEXpyoEXk3zMNxKu7sgmiMPu14pQPc0q040mFbYOJTFvleCO9mWYGmQKpRce_MSNdHqxTAb5lpdfPPM5d-sl9f2I4qnRwB_ZYrG-evTKK0CV-nPO1AhCt0CFAcNsaK51btoj-G968HcNSh1rn3ZfQCcfTqFMxRUAtYd-0oScA_wPcNUuEUgQIad1n3zjKMzov7V25VWaR-bAmGWyeD60iDbo5NStF6ixZy83xCq3TxrFaWyypRkuGgjAJZ4Z79kQDrcHOWHlitSIq135-YgIdUjzpZ6w2f9ToJzTyjq1f1OFOVxuxpvuq-_d2nJGoqeLCh-3xpr5GII8Uzmgd8fOpYUWuf0IoyJj2jGaW-9-1ye6SS1x_HO_6MERRqcmnEJa7sj3Fso7KbANVp3QezITAemJcaqbZUhRypcymsmPe6mbtxfyE_jycNzSZVC-XfowciqZp8SeZrnOvHhxgfJ-eddtwDeuofI-RzrtOwFohiVsZNkdksoAZe1GG0APLlfH5DL9D5CRZcoKRKo8vUvdZIKqAGV9rQz3QwMRNfkDSey07TBSGLK_G4HM94EpVdHM7OAiOSAn7BQJjVFF2f1p1QrpSww7yCIp0vXzY4wcbdcp1g9YEJeHs4LG20g8Q4N1NkmdmTJzjPNiU3z8wktPY2IMzLnw8JJoMHhNwosiUjMTa_tRY4orBiSkySKSEjLpeRg9wghv8nPuygWVymAYpWZ6S92W9iUxvqvb5LW2zgUx9PKSxk01HanhTs1WoZaHIQ2EKTpl0f6RHNj1dZmDIuepuU3ws499oTPUeUZByiczNqw_Tj0SOI4jgae-2nt_urRKqlYFG6H8sJRaQ0zEZXIX4f8cUh59OxSQPGK3gh4XD6hpzDoe1JNXsTocl9xDmIBBPr-WHlfrsN6XbeEP4GQe05d5A5XZ8maffEeTUYAa0ld3Fn8m--PbvMtZb5rePC4bE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3830 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 3830 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1670905722;ord=w0bwx0;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P1G3ah18aZAeEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1B8qmgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521QByrcQimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwNTZAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjA1Ng%3D%3D%2Fbn%3D96689%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=284;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3830 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
ba.js
c.evidon.com/geo/ Frame 3830 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
4.gif
c.evidon.com/a/ Frame 3830 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4C93 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:09 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 314344
X-Served-By
cache-lga13626-LGA, cache-lcy19224-LCY
X-Timer
S1664946250.862923,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 3830 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhDR7qrrwa-ayB4YkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLHzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZb0RsYkFpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TlRiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRQnlyY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs8EA4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzM2NzE5NjPyAhIKBkNQRwEUAAhxlxjyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWSAHNDI5MDE0MfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjA1NtoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMuAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA2N7gGAMEGCTQo8D_QBuUC2gYWChAJERkBWBAAGADgBgHyBoIBCPO8MRJ8WHhPQURsZe7YREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldMTXZjUUmXAQEQZUFDQkFxqlhBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gACyABwGIBwCgBwG6Bw8B20wYACAAMAA4jwlAAMgHsfMF0gcNCRG7AbkI2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=6eec1dde1847d41fede6a8faabba86b36aa4b7fd&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnemtdqdon%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnemtdqdon%26e%3D1786821995930&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
AN-X-Request-Uuid
27229da7-d7b2-452a-a925-4d56ae507861
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B951 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame B951 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462202;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1250990293;ord=q3qa36;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F4sm_lCe9qT9MKMh974yiPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P_hKi53_BioOEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAZrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAvSHLcgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521URzHdgimnfoXEJnc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjU5OThAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NTk5OA%3D%3D%2Fbn%3D96432%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=221;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B951 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
4.gif
c.evidon.com/a/ Frame B951 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame B951 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
async_usersync.html
acdn.adnxs.com/dmp/ Frame 26A7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:09 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 311140
X-Served-By
cache-lga13626-LGA, cache-lcy19229-LCY
X-Timer
S1664946250.879996,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame B951 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhD4la3s-d-BlQ4YkN7ilYK4yI1iKjYJ4sm_lCe9qT8RTCjIfe-Moj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJnc8qABWIuylQFgAGj-4LABeLDxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeADByJywgMzM3NDIzODk3Nh8A8LCSAuEEIXVJQkRxUWltbmZvWEVKbmM4cUFCR0FBZ2k3S1ZBVEFBT0FCQUFFalJCMUNLMks4S1dBQmdtQVZvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QVotUkNiS0Y2N0Vfd1FGY1FjWmdGbW0wUDhrQkFBQUFBQUFBOERfWkFiaFlVWU5wR093XzRBSGQ3SVVDOVFFcFhJODltQUlBb0FJQnRRSUEBMwh2UUkBB9hBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNWENPZUx1eVFRQWhnQkxRBTvwYXlCMlJsWm1GMWJIUzZBd2xCVFZNek9qVTVPVGpnQTdndmdBU0d1ZmNJaUFUaTdxTUprQVFCbUFRQnNnUUtDTkQwNXdrUThOV2REYm9FR2dpRkJCR2FtWm1abVptcFB4a0FBBWc4QUFBQ0RqbU9VT3dRU2FtESAIOGtFARsJARhEWUJBRHhCCQ0FAWxpQVh1THBBRjg3d3hxUVgyWFJIOGJ5WHdQN0VGBSEFAUBEQkJleFJ1QjZGNjdFX3lRVQUWFEFBRHdQOTIoAAhaQlENG_BDUEFfNEFXbFB2QUYyc095Ql9nRm00X2dBWUlHQTBkQ1VJZ0dBSkFHQVpnR0FLRUc3Rkc0SG9YcnNULW9CZ1N5QmlRSkENSwxBQUFSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIVVSekhkZzplAixJdXlsUUVnQUNnQU0dzQxPZ2xCOZFAaEF1QzlKdUZoUmcya1k3RDkdeQBCHXkQQmhtcG0lYwxxVDlwCYEBAQRCeAEGCQEQQjRBSWs1bPBAOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgczNjcxOTYz8gISCgZDUEcBFAAIcZcY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAVkgBzQyOTAxNDHyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8LABMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjU5OTjaBAIIAeAEAfAEmdzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDLgAANgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg8xMDI2NCNBTVMzOjYwMDS4BgDBBgk0KPA_0AblAtoGFgoQCREZAVgQABgA4AYB8gaCAQjzvDESfG54TkJHbGXu2ERBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXUFF1Y1FJlwEBEGVBQ0JBcapYQUFBaUFFQWtBRUFtZ0VDQ0FDb0FRQ3guIAAsgAcBiAcAoAcBugcPAdtMGAAgADAAOI8JQADIB7DxBdIHDQkRuwG5CNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=dea798a6ebc42ac7b80517d0623bb431cb1d5ad4&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dktlghlouxp%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dktlghlouxp%26e%3D1786821995930&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
AN-X-Request-Uuid
0fb69019-7fbb-41b6-9198-49621b0793c0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0776 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 0776 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;dc_eid=40004000;sz=300x600;u_sd=1;gdpr=0;dc_adk=2973613050;ord=bv6d83;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P-Wqu5T6x6dFEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPSLuZgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PRzWcAimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwMjZAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjAyNg%3D%3D%2Fbn%3D96538%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=205;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0776 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
4.gif
c.evidon.com/a/ Frame 0776 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame 0776 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
async_usersync.html
acdn.adnxs.com/dmp/ Frame 486F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:09 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 314345
X-Served-By
cache-lga13626-LGA, cache-lcy19224-LCY
X-Timer
S1664946250.897714,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 0776 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhDl1e6lqf_x00UYkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeJryBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFRb0FtV1FpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TWpiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXS0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQUnpXY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs8EA4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzM2NzE5NjPyAhIKBkNQRwEUAAhxlxjyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWSAHNDI5MDE0MfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjAyNtoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMuAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA4MLgGAMEGCTQo8D_QBuUC2gYWChAJERkBWBAAGADgBgHyBoIBCPO8MRJ8YkJQakVGZe7YREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldNQXZjUUmXAQEQZUFDQkFxqlhBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gACyABwGIBwCgBwG6Bw8B20wYACAAMAA4jwlAAMgHmvIF0gcNCRG7AbkI2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=efa1842d6bb7d76196646dd35c204777b4febdd0&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dcgjxxle%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dcgjxxle%26e%3D1786821995930&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
AN-X-Request-Uuid
5f5bedef-9f83-4cc4-9be6-1e4b5f37da59
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F1F1 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame F1F1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=2677554848;ord=rnyjai;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FWUNn1mXBrD-OYyOygbmkPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P1YdMBFohQMFEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAqh6KPwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521OBx6bwimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYxMjBAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjEyMA%3D%3D%2Fbn%3D97026%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=331;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F1F1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
4.gif
c.evidon.com/a/ Frame F1F1 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame F1F1 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
async_usersync.html
acdn.adnxs.com/dmp/ Frame 63A3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:09 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 313561
X-Served-By
cache-lga13626-LGA, cache-lcy19247-LCY
X-Timer
S1664946250.904982,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame F1F1 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhDWusCJga3hgQUYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeIL2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFtb0E4aXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall4TWpEZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQE8QzRCZ28umgKZASFPQng2Yj5lAixJdXlsUUVnQUNnQU0dzQRPZy6RAUBCQXVDOUp1RmhSZzJrWTdEOR15AEIdeQxCaG1wKWMMcVQ5cAmBAQEEQngBBgkBEEI0QUlrNWzwQDhEOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS_yAhEKBkFEVl9JRBIHMzY3MTk2M_ICEgoGQ1BHARQACHGXGPICCgoFQ1ABFDgBMPICDQoIQURWX0ZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZIAc0MjkwMTQx8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwNqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA05NzcjQU1TMzo2MTIw2gQCCAHgBAHwBJbc8qABiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQy4AADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYPMTAyNjQjQU1TMzo2MTI2uAYAwQYJNCjwP9AG5QLaBhYKEAkRGQFYEAAYAOAGAfIGggEI87wxEnxtaE5WR1Zl7thEQUFrQ0JRRUltNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqWTlmUURVTGd2V080dmNRSZcBARBlQUNCQXGqWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAALIAHAYgHAKAHAboHDwHbTBgAIAAwADiPCUAAyAeC9gXSBw0JEbsBuQjaBwYJJ2jgBwDqBwIIAPAH7pdLiggCEACVCAAAgD-YCAE.&s=41d6fc7e9051fad58ca6fbb4876a17fc55a67ddc&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Doyfdjywa%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Doyfdjywa%26e%3D1786821995930&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
AN-X-Request-Uuid
89144e43-b260-458f-93d4-c3c4f99b3ea0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F062 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame F062 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;dc_eid=40004001;sz=300x600;u_sd=1;gdpr=0;dc_adk=2928284355;ord=txb1ve;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FWUNn1mXBrD-OYyOygbmkPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P4aes5E3A1o4EK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgANSAqxAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521PByUcAimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwNjFAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjA2MQ%3D%3D%2Fbn%3D96695%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=277;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F062 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
4.gif
c.evidon.com/a/ Frame F062 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame F062 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8467 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:09 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 311141
X-Served-By
cache-lga13626-LGA, cache-lcy19229-LCY
X-Timer
S1664946250.930142,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame F062 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhCGvc6N-eaArTgYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLfzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZNER2YXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TmpIZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXdEw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQQnlVY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFARkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs8EA4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzM2NzE5NjPyAhIKBkNQRwEUAAhxlxjyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWSAHNDI5MDE0MfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjA2MdoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMuAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjAwMrgGAMEGCTQo8D_QBuUC2gYWChAJERkBWBAAGADgBgHyBoIBCPO8MRJ8blJQakdWZe7YREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldQSXVjUUmXAQEQZUFDQkFxqlhBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gACyABwGIBwCgBwG6Bw8B20wYACAAMAA4jwlAAMgHt_MF0gcNCRG7AbkI2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=bbeb44eb5c2f2bfe3467780badcafc27fcc10237&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dihgvalvhu%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dihgvalvhu%26e%3D1786821995930&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
AN-X-Request-Uuid
a9db8d9e-f49c-4784-a8b9-47fab1aa8a1f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7395 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 7395 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=1203382775;ord=ks5lpo;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FrpNEMso2pT_Qnn5eKJSePwAAAIA9Crc_l1CQg8prrT-alIJuL2m0P27bdZRR4yFWEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAryAv4wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ORy8bwimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYwMDRAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjAwNA%3D%3D%2Fbn%3D96365%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=241;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7395 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
4.gif
c.evidon.com/a/ Frame 7395 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame 7395 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7CF1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:09 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 313562
X-Served-By
cache-lga13626-LGA, cache-lcy19247-LCY
X-Timer
S1664946250.964786,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 7395 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhDuttejmer4kFYYkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeO3wBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFwb0RKa2dpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TURUZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYMExwQUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFPUnk4Ync6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAUkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs8EA4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzM2NzE5NjPyAhIKBkNQRwEUAAhxlxjyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWSAHNDI5MDE0MfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjAwNNoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMuAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjExObgGAMEGCTQo8D_QBuUC2gYWChAJERkBWBAAGADgBgHyBoIBCPO8MRJ8a3hNTUdGZe7YREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldPY3ZjUUmXAQEQZUFDQkFxqlhBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gACyABwGIBwCgBwG6Bw8B20wYACAAMAA4jwlAAMgH7fAF0gcNCRG7AbkI2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=946336ac377517344344c866eb6ffb18af39f1ae&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsnhgrrt%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsnhgrrt%26e%3D1786821995930&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:09 GMT
AN-X-Request-Uuid
c1b8fbaf-4ab1-4dca-83c5-b0d0146609a5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 85FA 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 85FA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1153793.3855423HYBRIDTHEORY/B27157518.326462199;dc_ver=91.268;sz=300x600;u_sd=1;gdpr=0;dc_adk=453182781;ord=zhj2ux;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3Fa1AYU-m4pj8K7WxJXWCgPwAAAIA9Crc_l1CQg8prrT-alIJuL2m0PxfXDrqgtVlsEK-4IsAhG2JIED1jAAAAAArsSwEYKAAA0QMAAAIAAAAWrhwUC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA-B8TjwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521NhzsbgimnfoXEJbc8qABGIuylQEgACgAMexRuB6F67E_OglBTVMzOjYxMDBAuC9JuFhRg2kY7D9RAAAAAAAAAABZAAAAAAAAAABhmpmZmZmZqT9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DOTc3I0FNUzM6NjEwMA%3D%3D%2Fbn%3D96903%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Ffriends.in.ua%2F$0;xdt=1;crlt=H(iDPw(j5I;gcsr=m;stc=1;chaa=1;sttr=220;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 85FA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
4.gif
c.evidon.com/a/ Frame 85FA 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame 85FA 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:09 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
async_usersync.html
acdn.adnxs.com/dmp/ Frame 446D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:09 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 311142
X-Served-By
cache-lga13626-LGA, cache-lcy19229-LCY
X-Timer
S1664946250.977801,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 85FA 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhCXrrvQi7TtrGwYkN7ilYK4yI1iKjYJa1AYU-m4pj8RCu1sSV1goD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeIf1BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFoWUIxZmdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall4TUREZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYVUw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQE8QzRCZ28umgKZASFOaHpzYj5lAixJdXlsUUVnQUNnQU0dzQRPZy6RAUBCQXVDOUp1RmhSZzJrWTdEOR15AEIdeQxCaG1wKWMMcVQ5cAmBAQEEQngBBgkBEEI0QUlrNWzwQDhEOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS_yAhEKBkFEVl9JRBIHMzY3MTk2M_ICEgoGQ1BHARQACHGXGPICCgoFQ1ABFDgBMPICDQoIQURWX0ZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZIAc0MjkwMTQx8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCwATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwNqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA05NzcjQU1TMzo2MTAw2gQCCAHgBAHwBJbc8qABiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkABQy4AADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYPMTAyNjQjQU1TMzo1OTk1uAYAwQYJNCjwP9AG5QLaBhYKEAkRGQFYEAAYAOAGAfIGggEI87wxEnxsaE9hR0Zl7thEQUFrQ0JRRUltNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqWTlmUURVTGd2V09zdWNRSZcBARBlQUNCQXGqWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAALIAHAYgHAKAHAboHDwHbTBgAIAAwADiPCUAAyAeH9QXSBw0JEbsBuQjaBwYJJ2jgBwDqBwIIAPAH7pdLiggCEACVCAAAgD-YCAE.&s=724f8243ecb82518bd633ec3fc20e99a03288c2f&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dderiin%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dderiin%26e%3D1786821995930&
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
bfda60f9-1281-497e-bfcb-4e422f6ae4f9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 3830 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDR7qrrwa-ayB4YkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLHzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZb0RsYkFpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TlRiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRQnlyY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwNTbaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA2N7gGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxYeE9BRGxrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXTE12Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHsfMF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=a0ddabc4c41de53e16ecf47a2a622f01f810db1e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
78f2df83-a9e2-45e4-991f-7eb7d1135bff
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 40AE 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Origin
https://sholke.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 08:52:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 40AE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:46:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 40AE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 21:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 21:11:06 GMT
4.gif
c.evidon.com/a/ Frame 40AE 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=1267;nid=153615;ad_w=300;ad_h=600
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
ba.js
c.evidon.com/geo/ Frame 40AE 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/ba.js?r220928
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:48:02 GMT
server
AkamaiNetStorage
etag
"cfacff31cd633c239a2372c46a5e79c3:1664387282.692932"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12428
async_usersync.html
acdn.adnxs.com/dmp/ Frame 840A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=jbsaxzrm&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83979
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:10 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 311143
X-Served-By
cache-lga13626-LGA, cache-lcy19229-LCY
X-Timer
S1664946250.062483,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 40AE 		0
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLZDvDtWQcAAAMA1gAFAQjIoPSZBhDbx4W3rsCZ42UYkN7ilYK4yI1iKjYJa1AYU-m4pj8RCu1sSV1goD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeM_0BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFmNENoZmdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3T0RUZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYRUw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRUnowY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAUkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs8EA4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzM2NzE5NjPyAhIKBkNQRwEUAAhxlxjyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BWSAHNDI5MDE0MfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjA4NNoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAUMuAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NTkwNLgGAMEGCTQo8D_QBuUC2gYWChAJERkBWBAAGADgBgHyBoIBCPO8MRJ8T3hQbEIxZe7YREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldKQXVjUUmXAQEQZUFDQkFxqlhBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gACyABwGIBwCgBwG6Bw8B20wYACAAMAA4jwlAAMgHz_QF0gcNCRG7AbkI2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=9ecd87f435f86c5f9a26f04a337c888363fe5360&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djbsaxzrm%26e%3D1786821995930,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djbsaxzrm%26e%3D1786821995930&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
da208625-348e-4d0b-815f-b08271bbf9a5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4C93 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
153ddd0d-0eeb-4752-8a9b-ce59e663f27f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame B951 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhD4la3s-d-BlQ4YkN7ilYK4yI1iKjYJ4sm_lCe9qT8RTCjIfe-Moj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJnc8qABWIuylQFgAGj-4LABeLDxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeADByJywgMzM3NDIzODk3Nh8A8LCSAuEEIXVJQkRxUWltbmZvWEVKbmM4cUFCR0FBZ2k3S1ZBVEFBT0FCQUFFalJCMUNLMks4S1dBQmdtQVZvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QVotUkNiS0Y2N0Vfd1FGY1FjWmdGbW0wUDhrQkFBQUFBQUFBOERfWkFiaFlVWU5wR093XzRBSGQ3SVVDOVFFcFhJODltQUlBb0FJQnRRSUEBMwh2UUkBB9hBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNWENPZUx1eVFRQWhnQkxRBTvwYXlCMlJsWm1GMWJIUzZBd2xCVFZNek9qVTVPVGpnQTdndmdBU0d1ZmNJaUFUaTdxTUprQVFCbUFRQnNnUUtDTkQwNXdrUThOV2REYm9FR2dpRkJCR2FtWm1abVptcFB4a0FBBWc4QUFBQ0RqbU9VT3dRU2FtESAIOGtFARsJARhEWUJBRHhCCQ0FAWxpQVh1THBBRjg3d3hxUVgyWFJIOGJ5WHdQN0VGBSEFAUBEQkJleFJ1QjZGNjdFX3lRVQUWFEFBRHdQOTIoAAhaQlENG_BDUEFfNEFXbFB2QUYyc095Ql9nRm00X2dBWUlHQTBkQ1VJZ0dBSkFHQVpnR0FLRUc3Rkc0SG9YcnNULW9CZ1N5QmlRSkENSwxBQUFSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIVVSekhkZzplAixJdXlsUUVnQUNnQU0dzQxPZ2xCOZFAaEF1QzlKdUZoUmcya1k3RDkdeQBCHXkQQmhtcG0lYwxxVDlwCYEBAQRCeAEGCQEQQjRBSWs1bPSBAThEOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwNqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA05NzcjQU1TMzo1OTk42gQCCAHgBAHwBJnc8qABiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg8xMDI2NCNBTVMzOjYwMDS4BgDBBgAAAAAAAPA_0AblAtoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBoIBCPO8MRJ8bnhOQkdsa0FBQUFEQUFrQ0JRRUltNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqWTlmUURVTGd2V1BRdWNRQUFBQUFBIZYQZUFDQkFRo1hBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gAJCABwGIBwCgBwG6Bw8IABAAGAAgADAAOI8JQADIB7DxBdIHDQkADboBHgjaBwYJJ2jgBwDqBwIIAPAH7pdLiggCEACVCAAAgD-YCAE.&s=8248f1129ab1bce89437dfcdb2f22b949626258e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
cf5640a6-5029-4e36-ba62-eb3de2da7558
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 26A7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
b65bbd4c-680b-45e6-b1c9-72d6669d0eb5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
153615.js
c.evidon.com/a/n/1267/ Frame 3830 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0105 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 486F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
13393340-075c-4a35-b7f0-aec39d42b781
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8CB8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 63A3 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
6458664e-b8f1-4d28-a194-2610f9a03372
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame F1F1 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDWusCJga3hgQUYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeIL2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFtb0E4aXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall4TWpEZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQE8QzRCZ28umgKZASFPQng2Yj5lAixJdXlsUUVnQUNnQU0dzQRPZy6RAUBCQXVDOUp1RmhSZzJrWTdEOR15AEIdeQxCaG1wKWMMcVQ5cAmBAQEEQngBBgkBEEI0QUlrNWz0gQE4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjEyMNoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYPMTAyNjQjQU1TMzo2MTI2uAYAwQYAAAAAAADwP9AG5QLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaCAQjzvDESfG1oTlZHVmtBQUFBREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldPNHZjUUFBQUFBQSGWEGVBQ0JBUaNYQUFBaUFFQWtBRUFtZ0VDQ0FDb0FRQ3guIACQgAcBiAcAoAcBugcPCAAQABgAIAAwADiPCUAAyAeC9gXSBw0JAA26AR4I2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=5e24dd44e9a9d99c63d47dcab3eedad5954ed6fc&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
b4d70cf5-05c6-4d08-91c5-b79b2b0d62c6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
153615.js
c.evidon.com/a/n/1267/ Frame B951 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
vevent
ams3-ib.adnxs.com/ Frame 0776 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDl1e6lqf_x00UYkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeJryBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFRb0FtV1FpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TWpiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXS0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQUnpXY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwMjbaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA4MLgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxiQlBqRUZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXTUF2Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHmvIF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=8447fd1294ab3469a6583a33167ab03f65e9b992&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
2200e215-c676-4e9d-959e-d25bbc28c336
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8467 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
869fb923-cf37-4771-a82e-c794c8cf97c8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7CF1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
60f30ab2-bb89-4156-ab8d-6b51f980babf
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 446D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
9a956c8a-be2e-4f67-bc1e-ec9f6a32553b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ic5.php
data00.adlooxtracking.com/ads/ Frame 3830 		1 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=8526753956&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423894&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=2202376199574566737&id20=614b730&p_d=0.549&d5=2266&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247517%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnemtdqdon%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnemtdqdon%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnemtdqdon%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-2r5k7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
async_usersync
ib.adnxs.com/ Frame 840A 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
2a13b246-b912-4610-82f0-1d10c32fbc1f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 3830 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&num=&adid=&advid=9684977&adsrv=1&btreg=518452037&btadsrv=doubleclick&crt=170131831&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3830 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
090ae6d3b5dbc4d9c7bd9f0f9b12e5b7a4a80485b64139445b5b157fc74c53c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
63235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 11:30:15 GMT
expires
Wed, 04 Oct 2023 11:30:15 GMT
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3830 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPVTFEH0DKryDSRcPMF7Y4ZBqOznTmDCa1tBNsC5ioLWyCrrtDDn8F1Wti9Ccf-_P44ohBz8FGTSBvuxClxDN-Fvi5MANAMX228b4lA0AWD9Km31d-Gh30WnBrLf9Rclp-fp3_7E9qVGtmfDXrcWj1cA9POC7a&sig=Cg0ArKJSzMejIyiPozvIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=615&cbvp=1&cstd=610&cisv=r20220928.73862&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impression_pixel
t.myvisualiq.net/ul_cb/ Frame 3830
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=1505927299&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170131831&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=1505927299&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170131831&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1505927299&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170131831&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Protocol
HTTP/1.1
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1505927299&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170131831&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ad_impression.gif
beacon.krxd.net/ Frame 3830 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462199&adid=518452037&creativeid=170131831&siteid=6603073
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ic5.php
data00.adlooxtracking.com/ads/ Frame B951 		1 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=74297071334&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423897&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=1020635960482417400&id20=614b730&p_d=0.626&d5=2355&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247445%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dktlghlouxp%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dktlghlouxp%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dktlghlouxp%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-fj9tw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BACB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
153615.js
c.evidon.com/a/n/1267/ Frame 0776 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
dvtp_src.js
cdn.doubleverify.com/ Frame 0776 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&num=&adid=&advid=9684977&adsrv=1&btreg=518452037&btadsrv=doubleclick&crt=174852284&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0776 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
index.html
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cac7dddfd848d7e8a382041db220990c8008e062d0c39802494a43c2f590f9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
63039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2042
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 11:33:31 GMT
expires
Wed, 04 Oct 2023 11:33:31 GMT
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0776 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdY2A3lVgdrwD9FZxFBUycpfuYXiAzRgH63SjQDs3BUd2Qyf_ozQTRnz2RTrC-b5fyrSN_WhlkkP14bGYfvmrAWOazw4XRD3uhkjO308tFcV7G8LRlEdtmLuvoI7ZgrGKsIqkP6TQ_6O8lGloLSBA2mbA_dPwn&sig=Cg0ArKJSzBnm8uABp78TEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=675&cbvp=1&cstd=672&cisv=r20220928.07983&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impression_pixel
t.myvisualiq.net/ Frame 0776 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=899632773&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=174852284&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ad_impression.gif
beacon.krxd.net/ Frame 0776 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462199&adid=518452037&creativeid=174852284&siteid=6603073
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n014-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vevent
ams3-ib.adnxs.com/ Frame F062 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhCGvc6N-eaArTgYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLfzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZNER2YXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TmpIZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXdEw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQQnlVY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFARkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwNjHaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjAwMrgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxuUlBqR1ZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXUEl1Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHt_MF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=7d951d7160101c764c36e282f94ee8baee543603&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
379e56f6-f6c5-40ef-af38-c4330df49e51
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame F1F1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&num=&adid=&advid=9684977&adsrv=1&btreg=518452037&btadsrv=doubleclick&crt=171146382&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F1F1 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e458b52e4e805d803d4075f2546c869edad223996a5da12e810ba748e1ffaed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
63069
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2873
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 11:33:01 GMT
expires
Wed, 04 Oct 2023 11:33:01 GMT
last-modified
Mon, 23 May 2022 12:49:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F1F1 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu56ybejXGGUEH48udq3vROY0zo_vPOsdaVpwkVyCduO2C-GA9ZifKSvz0_fcUICEw_eprAz8CBL7WHlh_MwAJiIJVyaUK19rjc-KK-iUL4Nz5KpZIpXjHF6mIN2s6wd6yidXhTosvSm1dkx-BeWaAZHOcm09LC&sig=Cg0ArKJSzP6f3B9srrABEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=705&cbvp=1&cstd=700&cisv=r20220928.59185&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impression_pixel
t.myvisualiq.net/ul_cb/ Frame F1F1
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=3712068745&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=171146382&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=3712068745&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=171146382&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=3712068745&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=171146382&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Protocol
HTTP/1.1
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=3712068745&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=171146382&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ad_impression.gif
beacon.krxd.net/ Frame F1F1 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462199&adid=518452037&creativeid=171146382&siteid=6603073
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n020-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
153615.js
c.evidon.com/a/n/1267/ Frame F1F1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A7AE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvtp_src.js
cdn.doubleverify.com/ Frame B951 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462202&num=&adid=&advid=9684977&adsrv=1&btreg=518792542&btadsrv=doubleclick&crt=174655862&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B951 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01eb2db1f440f089c2b59dc55fca9733225906a2af5cd8c2506e3364840c1877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2996
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 11:54:16 GMT
expires
Wed, 04 Oct 2023 11:54:16 GMT
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B951 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEjWsYv5G-WhHWhtavcgZ3kgJm9ZQUlfuPOAORraPCeBTtgG0tc5QG5a4SnV_vgYE_0ib_rpUQ3vccdIt-yiux9A9_ettxvlM8C702EuUHf5bX-jL8D22jGopGV6kygwwMkPCdfbR5WleG4hCV64rV4pbS1x3x&sig=Cg0ArKJSzHBNaXW478RSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=780&cbvp=1&cstd=775&cisv=r20220928.30509&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad_impression.gif
beacon.krxd.net/ Frame B951 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462202&adid=518792542&creativeid=174655862&siteid=6603073
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
impression_pixel
t.myvisualiq.net/ Frame B951 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=2564661305&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=174655862&pi=326462202&ad=518792542&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dvtp_src.js
cdn.doubleverify.com/ Frame F062 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&num=&adid=&advid=9684977&adsrv=1&btreg=518452037&btadsrv=doubleclick&crt=170052490&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F062 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
index.html
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a619c113ea6042c55f99a75b34a10ad032fb1f817a614144a5e7cdba5b38c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
62939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1956
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 11:35:11 GMT
expires
Wed, 04 Oct 2023 11:35:11 GMT
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F062 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7ZsJgdgwAqkUADW0S-BdODUFIXXSE_WKkNYf0w15Phzc-gh9HhH_RmdMHkq3GViWTngy_4rnTz2aDKCBarnSabYJ4nVWb2CnxgJySUphKILpzvwUVs_JoQEXi8ozk83AkdHtl8K3mxeQwsoaDos8tctJh18qo&sig=Cg0ArKJSzHBNlfixd5Q2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=685&cbvp=1&cstd=679&cisv=r20220928.83724&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad_impression.gif
beacon.krxd.net/ Frame F062 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462199&adid=518452037&creativeid=170052490&siteid=6603073
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=50 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
impression_pixel
t.myvisualiq.net/ Frame F062 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=1238573525&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170052490&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dvtp_src.js
cdn.doubleverify.com/ Frame 85FA 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&num=&adid=&advid=9684977&adsrv=1&btreg=518452037&btadsrv=doubleclick&crt=179229402&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85FA 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d194e1349888f5622daa8347a4e62864ce252ba18ba2598ad41f8108a093e802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3050
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:04:10 GMT
expires
Thu, 05 Oct 2023 05:04:10 GMT
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 85FA 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoWE2B87PY4sYYh8ayvfxeudtEzEDoZ8ynC2LUkDPactYPQthAKgJTX-p8ubiVM-kU5qwrg-Ock5IqG1qyO-buo9F0CTc9lUG-oXDXoMdCJ6Uafo3DoSU80X0AYlx3kLiLO14cS8kR8I9b_vccVH8_ac8QOeD3&sig=Cg0ArKJSzGKtTD3spMVIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=649&cbvp=1&cstd=646&cisv=r20220928.99382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impression_pixel
t.myvisualiq.net/ Frame 85FA 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=1432577583&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=179229402&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ad_impression.gif
beacon.krxd.net/ Frame 85FA 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462199&adid=518452037&creativeid=179229402&siteid=6603073
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n018-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dvtp_src.js
cdn.doubleverify.com/ Frame 7395 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&num=&adid=&advid=9684977&adsrv=1&btreg=518452037&btadsrv=doubleclick&crt=170131660&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7395 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52eb7a07438ebdc24f89c4b1f74f57ca82d66203b0d23981d8b9b37ff9ac343f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
63127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2960
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 11:32:03 GMT
expires
Wed, 04 Oct 2023 11:32:03 GMT
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7395 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdfvxPynS7rYt55Yn2oHpHGb1ghvDem7lPE3-kKegLrPsFfNHSoQl68PkeyA5UjXxjOgC6oSpYUMtkJUfoCgEadJoDdTWTQtDqkeleiqRjMjJQpwYmane3fjv7m2fdGMxPnsxEsrdcxqcXjbwVOAeelxiAiJSU&sig=Cg0ArKJSzAirnXJlZ9U3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=675&cbvp=1&cstd=672&cisv=r20220928.93701&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impression_pixel
t.myvisualiq.net/ Frame 7395 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=1649262119&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=170131660&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ad_impression.gif
beacon.krxd.net/ Frame 7395 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462199&adid=518452037&creativeid=170131660&siteid=6603073
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n009-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dvtp_src.js
cdn.doubleverify.com/ Frame 40AE 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&num=&adid=&advid=9684977&adsrv=1&btreg=518452037&btadsrv=doubleclick&crt=174852284&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 40AE 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:04:10 GMT
index.html
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cac7dddfd848d7e8a382041db220990c8008e062d0c39802494a43c2f590f9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
63039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2042
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 11:33:31 GMT
expires
Wed, 04 Oct 2023 11:33:31 GMT
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 40AE 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5K2fWtEyz-0krh81FYevuZEzB3YurG27r7Z-vQxqb5Q9cex5wD4UbC-p5sPeujHpUxB3LwwWL6Lc_aYgXA0mrWdz23poTVypnO1cwECo2f0O8hPBWdfXlf_8254jjuRy1tAEBo4BVOFXfTncpduYAaT8pjogO&sig=Cg0ArKJSzIftzukUcgF2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=604&cbvp=1&cstd=598&cisv=r20220928.83605&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad_impression.gif
beacon.krxd.net/ Frame 40AE 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=27157518&advertiserid=9684977&placementid=326462199&adid=518452037&creativeid=174852284&siteid=6603073
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.64.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-64-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by
beacon-n019-dub-prod.krxd.net
date
Wed, 05 Oct 2022 05:04:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1664946250
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
impression_pixel
t.myvisualiq.net/ Frame 40AE 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=3034740698&et=i&ago=212&ao=842&aca=27157518&si=6603073&ci=174852284&pi=326462199&ad=518452037&advt=9684977&chnl=-7&vndr=115&sz=9598&u=&viq_did=&pt=i
Requested by
Host: sholke.com
URL: https://sholke.com/r/p.html?f=jbsaxzrm&e=1786821995930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.138.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 05 Oct 2022 05:04:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ic5.php
data00.adlooxtracking.com/ads/ Frame F1F1 		1 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=80078314130&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423894&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=361279077131230550&id20=614b730&p_d=0.807&d5=2107&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247727%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Doyfdjywa%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Doyfdjywa%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Doyfdjywa%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-d2d9b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
vevent
ams3-ib.adnxs.com/ Frame 7395 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDuttejmer4kFYYkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeO3wBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFwb0RKa2dpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TURUZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYMExwQUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFPUnk4Ync6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAUkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwMDTaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjExObgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxreE1NR0ZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXT2N2Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgH7fAF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=585bff7c37a7bde8852ddbb9b81ced14b0470b96&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
9202dd43-d0a3-48dd-84e0-75e2c4332fda
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ic5.php
data00.adlooxtracking.com/ads/ Frame 0776 		1 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=32350951650&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423894&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=5019200188778785509&id20=614b730&p_d=0.863&d5=2159&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247660%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dcgjxxle%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dcgjxxle%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dcgjxxle%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-2r5k7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
vevent
ams3-ib.adnxs.com/ Frame 85FA 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhCXrrvQi7TtrGwYkN7ilYK4yI1iKjYJa1AYU-m4pj8RCu1sSV1goD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeIf1BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFoWUIxZmdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall4TUREZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYVUw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQE8QzRCZ28umgKZASFOaHpzYj5lAixJdXlsUUVnQUNnQU0dzQRPZy6RAUBCQXVDOUp1RmhSZzJrWTdEOR15AEIdeQxCaG1wKWMMcVQ5cAmBAQEEQngBBgkBEEI0QUlrNWz0gQE4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjEwMNoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYPMTAyNjQjQU1TMzo1OTk1uAYAwQYAAAAAAADwP9AG5QLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaCAQjzvDESfGxoT2FHRmtBQUFBREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldPc3VjUUFBQUFBQSGWEGVBQ0JBUaNYQUFBaUFFQWtBRUFtZ0VDQ0FDb0FRQ3guIACQgAcBiAcAoAcBugcPCAAQABgAIAAwADiPCUAAyAeH9QXSBw0JAA26AR4I2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=a6b6e460735c4a958af244849416933cba5794ae&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
efcd3571-2a4e-49d9-bbeb-2c4d862303ac
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
153615.js
c.evidon.com/a/n/1267/ Frame F062 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C0BA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vevent
ams3-ib.adnxs.com/ Frame 40AE 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDbx4W3rsCZ42UYkN7ilYK4yI1iKjYJa1AYU-m4pj8RCu1sSV1goD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeM_0BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFmNENoZmdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3T0RUZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYRUw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRUnowY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAUkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwODTaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NTkwNLgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxPeFBsQjFrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXSkF1Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHz_QF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=92b53c4a98f4f6454a6f60a39ab8a45ae540bd6f&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=8115962871238671285&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:10 GMT
AN-X-Request-Uuid
91bd0837-e5f1-4069-8803-888147f7cb81
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.css
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5efe77ddc5177b5796fae7c6bc7ceee3a92b36c7b080a2863184a8a7903ee65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1178
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600_media_query.css
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		153 B
147 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600_media_query.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
351085b836eac6830b84a6917bf7330d4b8de3bf9ec8feb52ff3ffc1ec61544d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
css
fonts.googleapis.com/ Frame 5811 		10 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:35:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:10 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f1_300x600.jpg
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f1_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b3aae8d5c0fdbaa1f266cfa5272aae78f9b9a180ef43d4280ff3f5b23bc6d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33530
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_dt_300x600.png
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_dt_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58aca9a50d520a84ff24eb7055888a762e881d0101260242dcb1c8fe9da83e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4944
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_intel_300x600.png
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_intel_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2322d95384d0a42987fd05817743fb27805d7ab82f918b7f14619023f0854dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4462
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f2_300x600.jpg
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f2_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7470481dd9116d39ce52ffef3ba6e4f13fbe26fb7412bc5db9231f93314e119d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31117
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f3_300x600.jpg
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f3_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a21fd319444bfdf326ca107a85d2fdeb38c53042caabe363b441d923f22439d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31814
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f4_300x600.jpg
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_bg_f4_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
686e939ca3963e076e64ab8e94bbf7307246897b17ea31636f30d4d1a4b932e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32123
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_plus_300x600.png
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		1020 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_plus_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd3db8ce7fd2cdb94a91c31943a479bde1af254e9fcae83e0f3559bb7a99d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1020
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5811 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.js
s0.2mdn.net/sadbundle/13512847103930141845/ Frame 5811 		2 KB
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b2122e15b2da9ba2f0059e8d368d06b74311515c0653bc747d3d6b117acb1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13512847103930141845/bb2201g0018_054_617670_uk_cs_sb_fy23q2_oa_optiplex_fam_d12_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
674
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:30:15 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ Frame 01E7 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.28.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Oct 2022 05:04:11 GMT
style.css
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf66c7ae342b7965a597696c3fd4a2bdec112e4899a25b4f3e73a958fd79dcbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 10:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153944
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1107
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 10:18:26 GMT
media_query.css
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		858 B
310 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/media_query.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9ce312d39963aa2c755712a8dc205faa6930a6bb3b8b804ee6c00c9036a344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
css
fonts.googleapis.com/ Frame 2F6B 		10 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 05:04:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:10 GMT
bg_f1.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403c0e1e97789c75bc117d111b4462758a4243118cdcfe5858b55d35a03810ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3640
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f2.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f41120c9bfda2291b2b0c84043f621af033e890b61e5aaf1b62c8312f1383fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20228
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f3.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511f3490b92ee978941e7b2e59578b6406e9528a2775f67b37d5b18f3a384f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18258
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f4.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a647079f1d21bfd8b86f7e8c0dfc6545a4022b4114adb33ea5766da7d0c781f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19642
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f5.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba08e2f893a29a98b41931ac403b3fb512b21fcb47e254c251e52f892454be19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30267
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
dt.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		781 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/dt.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f5e0ffa32fd250048c345a9e0c49b670a4467e31c580f4fa4185d74483c4729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
781
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
intel.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/intel.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c541bb1bb0311d73908bdda3985cdd96b052dfe631a257f63257432b5641307e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2176
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f2.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
740e828170f6fbf1038b634e2b707e13b9d3efd99d970081e31862c53f592591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8839
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f3.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c851ca97c012ecb1ff51d5a1c5c103d1963e3d39007e7f7a90749b21e94858b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16830
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f4.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceff9eda6c9f3949aaae308c67e5a247f583cfe2f7144eb92c9357faf0f654b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6316
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f5.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e4a02476f296bcf7fa2b8e925a984d5663524962eef15fd4f30a2f62b6d29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12929
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2F6B 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
custom.js
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		2 KB
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8ea37119ce5b5d454561269b0f691cdf2ecf5dcde9ac392516a828861f49ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
663
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.css
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4e2537b9bd1d0a6b1ced6f187a6021f132561b61e7426d539cd4e1a87d08230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63069
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1420
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_media_query_300x600.css
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		269 B
179 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_media_query_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69d68a19d0a1b873c533d181ee2d77d2b98e4ad2574c955855d204a8ba3c93a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63069
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
css
fonts.googleapis.com/ Frame 3A74 		10 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 04:09:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:10 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f1_300x600.jpg
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f1_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fc4150ef7c77c928e9ec44858aed80b40ca49c6ffb59f87d7698a2d99ccb9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4934
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_dt_300x600.png
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_dt_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f5a8c40cce2b52db685149304af9752cabc981cb8eddabc4bc1642e0ddda56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:49:49 GMT
x-content-type-options
nosniff
age
339262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1072
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Oct 2023 06:49:49 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_funding_logo_300x600.png
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		959 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_funding_logo_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f52041fa177a27da84d924c540696137f264ea9a7f29ae6981d2c07b262d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
959
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f2_300x600.jpg
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f2_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca86b63e5da3d509ca1e7fc814ff18589853d11bf147943001262b342c13a1ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25582
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro2_300x600.png
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro2_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4bf2a6514acb56b7a7c1040fc1832aef24c59db47234c38599021611468606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21190
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f3_300x600.jpg
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f3_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd96f372517f2aa00ad5e7ac2c3d01296a80122852d07f12df5722d3faadd338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro3_300x600.png
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro3_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c8e597124eb829d4c18010e9498a7911c5b77996d3d1c8e74324a33dfffab78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23574
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f4_300x600.jpg
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f4_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac87c7592329fb136ad7b708c1f131377d6051b649b5b3bc5ea7b73e9ca06b83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11948
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro4_300x600.png
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro4_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7037c2c685cb085e0dc42b3b36863d798cb5d2dc898ba382097498b0af0def72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19034
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f5_300x600.jpg
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_bg_f5_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8acb2901019abb489e6744b1309eef3d46347f372f88d5d69015591939c6f53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13252
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro5_300x600.png
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_pro5_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceef2c7442a7c16af14ced2f73647567416379b68bfc95ee227b99c1119c4b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11499
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3A74 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.js
s0.2mdn.net/sadbundle/8450626237648350216/ Frame 3A74 		3 KB
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c5c79e25d5702fd716c8be193096f2dad6f96ef88f8a304ff8b01289224b24e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8450626237648350216/cs2301g0012_007_610055_uk_cs_sb_fy23q1_oa_vostro_3420_warlock_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
775
x-xss-protection
0
last-modified
Mon, 23 May 2022 12:49:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:01 GMT
153615.js
c.evidon.com/a/n/1267/ Frame 7395 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AB3C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
153615.js
c.evidon.com/a/n/1267/ Frame 85FA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 72E6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98197
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ic5.php
data00.adlooxtracking.com/ads/ Frame F062 		1 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=93260594627&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423894&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=4060561551230475910&id20=614b730&p_d=0.966&d5=2162&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247745%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dihgvalvhu%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dihgvalvhu%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dihgvalvhu%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-rnvsf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
153615.js
c.evidon.com/a/n/1267/ Frame 40AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/n/1267/153615.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:10 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 14:46:33 GMT
server
AkamaiNetStorage
etag
"6824cb2ff4568d14eda7aff13744195c:1602168393.36391"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
867
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.css
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9fd3253372e67937b5afa84f6b25ca46ab8de48c8e6d384c6c6c1c77d4826c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61794
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1326
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_mq_300x600.css
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		922 B
342 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_mq_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4b2e8b875ed62f4d30234ef7ecafbfd59377334ee927a645470a8b522b843ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61794
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
css
fonts.googleapis.com/ Frame BACB 		10 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:59:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:11 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f1_300x600.jpg
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f1_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b037ba0598ec77c1f79ffdf184d982b8245725deb557a0d8b5d4b48feaf78fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9384
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f2_300x600.jpg
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f2_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd41cd943f982d676c19e9e786fd7ddb808383139b9ef86897663284308a3b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12653
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f2_300x600.png
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f2_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b75164d0bc8bb03e67016c72697b2211bbf9b9f8cb43b8aa010d26d5b766b15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40978
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f3_300x600.jpg
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f3_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b78e8a878c34b8be71de84983a5fdfd8298b29159f6df6aac9e877ac17ff0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21480
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f4_300x600.jpg
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f4_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1944cadc3cc35becd75927386db10afe5504cca6c7977ae2c42e5c7f8496191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7762
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f4_300x600.jpg
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f4_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63be0686efc30c972da71dc410cd58ae2b0240aff933d1b50652c5caef1b8a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11808
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f5_300x600.jpg
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f5_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045fa110a4973043ed9d4c2e023ed09030040f5c6b614ad729f45675e5810263
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8332
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f5_300x600.png
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f5_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45c55ac479fbe676c7ffe1238b0648766c3e377ee4cacb8de33a5b92a378a5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16588
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_tint_f6_300x600.png
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		117 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_tint_f6_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
027ef4099a9abb6d8cd6b9b5e6d1eab6074580d033f8c67877c7cc1a11c8b5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f7_300x600.jpg
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_bg_f7_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2afc0de9e1ef49986fc827a463dfacbb7b8f36119d34ad81e2441e1c770726d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5582
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f7_300x600.png
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_pro_f7_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cd30bdade386d9a2cf9f9740743490cabdb616a07bd9d9c06f82c46b9382571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_dt_300x600.png
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_dt_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7d20d8570ddfda3856b29542ac701a297dc3a027c005e78df1dd972323a6bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1112
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_funding_300x600.png
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		949 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_funding_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d3bb41c18c870df8c7ea0d5dcedfc013a5102a01c0bc22cc78fed63ec669b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
949
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame BACB 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.js
s0.2mdn.net/sadbundle/6544176512630335808/ Frame BACB 		3 KB
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b88c79d595d13dfcca3db322f0b1c9ee654901db33057162d87743be8e647327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6544176512630335808/bb2302g0019_006_630782_uk_cs_sb_fy23q2_oa_lati-9330_yellowstone_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:54:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 15:39:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:54:16 GMT
style.css
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fb930176fd6bf0f5290efb83af733099c0974100f0cdf42e80dc944db46ccdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1060
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:12 GMT
style_mq.css
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		125 B
152 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/style_mq.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6b005f5932f4947535aeb04ec796d28ac793e484fffd71b79b232506138dfec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:12 GMT
css
fonts.googleapis.com/ Frame 7030 		10 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 05:04:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:11 GMT
bg_f1.jpg
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/bg_f1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a68293ef85b8c9d40041be52e6382da5dfa3ca897627a4f58af54895287d7bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:12 GMT
x-content-type-options
nosniff
age
62939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1410
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:12 GMT
dt.png
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/dt.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53afc3a3b914c01577cef9bdfc8bf51fd54472c90616376cf80a9eafadcc315e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:12 GMT
x-content-type-options
nosniff
age
62939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1483
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:12 GMT
funding.png
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/funding.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a00f713ac3c1e56e1a5f9a92e0744d7b40b3c94ff9c5526b048e2547f867d029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:13 GMT
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1184
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:13 GMT
bg_f2.jpg
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/bg_f2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68f308a3c18a93295ef2931fc6a596de9ff381e6399b480fe2de3b77c6bae6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 10:33:18 GMT
x-content-type-options
nosniff
age
153053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20704
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 10:33:18 GMT
bg_f3.jpg
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/bg_f3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6fa08725c37fcffa46428609d390afba3fabd3f4efbbd551bff16006d94d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:13 GMT
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20102
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:13 GMT
bg_f4.jpg
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/bg_f4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080f5fc502880f80dcd57b12367d688b946283db3525e722a164e84025532fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:13 GMT
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14601
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:13 GMT
prof4.png
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/prof4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5613a563cf22229f4ebd593c664e02a58837efd1fb47a93e0fa7b4e1b9f5b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:13 GMT
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12733
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:13 GMT
bg_f5.jpg
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/bg_f5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6dda527298c0b8c28192e0300b3827c1f28e06803458b949f5c05d4aac44d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:13 GMT
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40234
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:13 GMT
dt_f5.png
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/dt_f5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9fdacf507c8e4f5c525df0a5749cc9029031c27a92cda801f1fa38375f06535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:13 GMT
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1103
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:13 GMT
funding2.png
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		898 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/funding2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90d4fc09ac4f71dfbc2ce62fa5aef48b8d4fe0b8d84278943ff4afa3fb9d2bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:13 GMT
x-content-type-options
nosniff
age
62938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
898
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:13 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7030 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
custom.js
s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/ Frame 7030 		2 KB
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2422b1a31ccc40cf12980e692b48814447f8b52511ca4507bf3db00a034fc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7499572859526605245/bb2301g0039_016_617464_uk_cs_sb_fy23q1_oa_latitudefamily-msjsos_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
575
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 09:10:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:35:12 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.css
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66a648204ae2be6d2b10389902bb3c78a25f47f0223c8dc967adb17d88ea4d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1196
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:04 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_mq_300x600.css
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		461 B
233 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_mq_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39b6618099aa4a22a8187b0cd248583d63df1f1113ec3770f49be6e4433a0f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:04 GMT
css
fonts.googleapis.com/ Frame 3B19 		10 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:20:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:11 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f1_300x600.jpg
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f1_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f3633721bc9540be94e8c7897a326fadd9e795823c410b7ab28abbd6f08ca21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 10:42:53 GMT
x-content-type-options
nosniff
age
152478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18971
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 10:42:53 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_dt_300x600.png
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		978 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_dt_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7938c2ff019c1761fceaf068e2d881edfea7ec533b15ee386e10ef1d9afd8137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:45:27 GMT
x-content-type-options
nosniff
age
339524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
978
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 01 Oct 2023 06:45:27 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_funding_300x600.png
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		731 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_funding_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4534a51a5bb40c29f40ab5b70a5081e86b34c770b50d1446db2890b0def8fdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 10:42:53 GMT
x-content-type-options
nosniff
age
152478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
731
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 10:42:53 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f2_300x600.jpg
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f2_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d246b1bf203aacd7e71fb72e454878bf92fa562d3bde221e897d554e807bf43b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 03:48:19 GMT
x-content-type-options
nosniff
age
436552
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22743
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Sep 2023 03:48:19 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product2_300x600.png
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product2_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d66f33be56fbc9ac8c56b8a9f402681039e443aa600d08a6ac738b69ff2c9589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:05 GMT
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4560
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:05 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f3_300x600.jpg
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f3_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09a4807379c8dbb95b72fb6d300b8d6a4ebb5048d98df6583893b9d871e99a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:05 GMT
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18967
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:05 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product3_300x600.png
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product3_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3b2476a36567877a817b0481d4e70d85248683eda28c03d0e46016313e50b61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:05 GMT
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9069
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:05 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f4_300x600.jpg
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f4_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de090f509204b8071e87400dea9580912fb4ba1e7fd771e0e92a104fb07633c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:05 GMT
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19292
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:05 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product4_300x600.png
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product4_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe5115094456c10685f3454e131d48d4f40d4ae7dd4e6b1e7af453fe0ee0501
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:05 GMT
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9556
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:05 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f5_300x600.jpg
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_bg_f5_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ffa97740452736898a60bf7040ad3e194327fc967760751f3cc05d7769eede3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:05 GMT
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16623
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:05 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product5_300x600.png
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_product5_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7d21820d8c95a22e9f43a0f6de2bd01040f1ada1db0fad8826a9472777d8b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:05 GMT
x-content-type-options
nosniff
age
63126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10916
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:05 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3B19 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.js
s0.2mdn.net/sadbundle/257378062294498846/ Frame 3B19 		2 KB
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5a8e6a4a1f3a0ead7935f5c0114d379dfb111cc8f63e8182732d85f4eb5fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/257378062294498846/bb2301g0003_008_617952_uk_cs_sb_fy23q2_oa_precision_7000_series_msft_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63127
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
729
x-xss-protection
0
last-modified
Fri, 29 Apr 2022 20:42:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:32:04 GMT
style.css
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf66c7ae342b7965a597696c3fd4a2bdec112e4899a25b4f3e73a958fd79dcbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 10:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153944
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1107
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Oct 2023 10:18:26 GMT
media_query.css
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		858 B
310 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/media_query.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9ce312d39963aa2c755712a8dc205faa6930a6bb3b8b804ee6c00c9036a344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
css
fonts.googleapis.com/ Frame 04E9 		10 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 04:04:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:11 GMT
bg_f1.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403c0e1e97789c75bc117d111b4462758a4243118cdcfe5858b55d35a03810ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3640
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f2.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f41120c9bfda2291b2b0c84043f621af033e890b61e5aaf1b62c8312f1383fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20228
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f3.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511f3490b92ee978941e7b2e59578b6406e9528a2775f67b37d5b18f3a384f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18258
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f4.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a647079f1d21bfd8b86f7e8c0dfc6545a4022b4114adb33ea5766da7d0c781f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19642
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
bg_f5.jpg
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/bg_f5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba08e2f893a29a98b41931ac403b3fb512b21fcb47e254c251e52f892454be19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30267
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
dt.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		781 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/dt.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f5e0ffa32fd250048c345a9e0c49b670a4467e31c580f4fa4185d74483c4729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
781
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
intel.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/intel.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c541bb1bb0311d73908bdda3985cdd96b052dfe631a257f63257432b5641307e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2176
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f2.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
740e828170f6fbf1038b634e2b707e13b9d3efd99d970081e31862c53f592591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8839
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f3.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c851ca97c012ecb1ff51d5a1c5c103d1963e3d39007e7f7a90749b21e94858b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16830
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f4.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceff9eda6c9f3949aaae308c67e5a247f583cfe2f7144eb92c9357faf0f654b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6316
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
pro_f5.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/pro_f5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e4a02476f296bcf7fa2b8e925a984d5663524962eef15fd4f30a2f62b6d29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12929
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 04E9 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
custom.js
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		2 KB
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8ea37119ce5b5d454561269b0f691cdf2ecf5dcde9ac392516a828861f49ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
663
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.css
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5bccba5073828e61b7be4f11cd0ef35ad5eb848ba11c7aa4051f7c08b508712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1409
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 05:04:11 GMT
css
fonts.googleapis.com/ Frame B0D0 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 04:52:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 05:04:11 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf1_300x600.jpg
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf1_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
774841f7f3e43fb33b6cc8b2716400ac6d5ca51611b0833f29447ca0258d23fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17453
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 05:04:12 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_dell_logo_300x600.png
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_dell_logo_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c83f652b7b0d8143fd24a0c2dc31504e59480b7fd4255a1f1400e3b8e3d43de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:17:51 GMT
x-content-type-options
nosniff
age
2781
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5737
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 04:17:51 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_logo_300x600.png
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_logo_300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8df9ebf946edc1534246020fcf80d389a87c92f9f999a48c577673298d281b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:17:50 GMT
x-content-type-options
nosniff
age
2782
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5568
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 04:17:50 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf2_300x600.jpg
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf2_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
304f1eaeafa5bb03ae53acf7a1045412ad05d1afe7c5335d0075c5a1adbcc149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26722
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 05:04:12 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf3_300x600.jpg
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf3_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c663affba96bfa7878e01c0ddaac111c35a0dc75f8e8ec304f30a5f50bb88f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16446
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 05:04:12 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf4_300x600.jpg
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_bgf4_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9df4f15430d3c3ecf3dc04d57fac9fa62ee768464cec28145f33765abd5eb7bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24635
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 05:04:12 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B0D0 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Oct 2022 05:04:11 GMT
cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.js
s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/ Frame B0D0 		3 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39d48a40d78c8a90a13055b780f89dab1ac990992594a8e9b6d2eee39f79420e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17843560394561086336/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600/cs2101g0030_005_640880_uk_cs_sb_fy23q3_oa_security_month_msjs_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
796
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:35:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 05:04:11 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 58D6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
98198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 01:47:33 GMT
expires
Wed, 04 Oct 2023 01:47:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 7395 		1 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=18768902153&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423894&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=6206491701015862126&id20=614b730&p_d=1.073&d5=2166&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247769%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsnhgrrt%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsnhgrrt%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsnhgrrt%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-k5769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 85FA 		1 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=33926981395&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423894&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=7807471130944395031&id20=614b730&p_d=1.095&d5=2131&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247817%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dderiin%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dderiin%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dderiin%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-4dldc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 0105 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 8CB8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
ic5.php
data00.adlooxtracking.com/ads/ Frame 40AE 		1 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_68%26tagid%3D1233%26typejs%3Dtvaf%26fwtype%3D2%26creatype%3D2%26targetelt%3D%26custom2area%3D0%26custom2sec%3D0%22%7D&adloox_io=1&client=affectv&campagne=68&banniere=0&visite_id=57562958747&seq=0&timezone=0&js=tfav_adl_68.js&date_regen=2021-12-14%2010%3A09%3A49&plat=12&tagid=1233&fw=log&version=2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1986887&id2=0&id3=337423894&id4=300x600&id5=21752842&id6=3671963&id7=10264&id8=15507930&id9=7069281149188091664&id10=4290141&id12=%24ADLOOX_WEBSITE&id13=7333661205868930011&id20=614b730&p_d=1.157&d5=2605&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1664946247421%40https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djbsaxzrm%26e%3D1786821995930&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djbsaxzrm%26e%3D1786821995930&url_referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djbsaxzrm%26e%3D1786821995930&ao=https%3A%2F%2Fsholke.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_68.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.31.249 -, , ASN (),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:11 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.30
route
ads-prod-6c549b87b4-k5769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://sholke.com
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
expires
0
dv-measurements3094.js
cdn.doubleverify.com/ Frame 0662 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
dv-measurements3094.js
cdn.doubleverify.com/ Frame A95F 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame BACB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
async_usersync
ib.adnxs.com/ Frame 4C93 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
b06c9ff0-e2fe-418d-b0ac-8de5d9ac8455
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 26A7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
ea43430b-0c0b-423d-82f5-7c971e41a7e1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 3830 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDR7qrrwa-ayB4YkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLHzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZb0RsYkFpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TlRiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRQnlyY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwNTbaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA2N7gGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxYeE9BRGxrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXTE12Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHsfMF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=a0ddabc4c41de53e16ecf47a2a622f01f810db1e&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8115962871238671285&vd=ct~0|rr~6&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
3dd3c3f3-7935-46ea-84a1-451d104b5281
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 486F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
2c1c71ef-a0af-4d12-a5a0-11806b4bde5c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 63A3 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
e4718581-9d8b-4239-8670-dadf0bbeb870
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dv-measurements3094.js
cdn.doubleverify.com/ Frame 3488 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame A7AE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
dv-measurements3094.js
cdn.doubleverify.com/ Frame D082 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
async_usersync
ib.adnxs.com/ Frame 8467 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
a8b441b6-64c4-4359-91e3-2425d5c8c9d6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame B951 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhD4la3s-d-BlQ4YkN7ilYK4yI1iKjYJ4sm_lCe9qT8RTCjIfe-Moj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJnc8qABWIuylQFgAGj-4LABeLDxBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeADByJywgMzM3NDIzODk3Nh8A8LCSAuEEIXVJQkRxUWltbmZvWEVKbmM4cUFCR0FBZ2k3S1ZBVEFBT0FCQUFFalJCMUNLMks4S1dBQmdtQVZvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QVotUkNiS0Y2N0Vfd1FGY1FjWmdGbW0wUDhrQkFBQUFBQUFBOERfWkFiaFlVWU5wR093XzRBSGQ3SVVDOVFFcFhJODltQUlBb0FJQnRRSUEBMwh2UUkBB9hBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNWENPZUx1eVFRQWhnQkxRBTvwYXlCMlJsWm1GMWJIUzZBd2xCVFZNek9qVTVPVGpnQTdndmdBU0d1ZmNJaUFUaTdxTUprQVFCbUFRQnNnUUtDTkQwNXdrUThOV2REYm9FR2dpRkJCR2FtWm1abVptcFB4a0FBBWc4QUFBQ0RqbU9VT3dRU2FtESAIOGtFARsJARhEWUJBRHhCCQ0FAWxpQVh1THBBRjg3d3hxUVgyWFJIOGJ5WHdQN0VGBSEFAUBEQkJleFJ1QjZGNjdFX3lRVQUWFEFBRHdQOTIoAAhaQlENG_BDUEFfNEFXbFB2QUYyc095Ql9nRm00X2dBWUlHQTBkQ1VJZ0dBSkFHQVpnR0FLRUc3Rkc0SG9YcnNULW9CZ1N5QmlRSkENSwxBQUFSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIVVSekhkZzplAixJdXlsUUVnQUNnQU0dzQxPZ2xCOZFAaEF1QzlKdUZoUmcya1k3RDkdeQBCHXkQQmhtcG0lYwxxVDlwCYEBAQRCeAEGCQEQQjRBSWs1bPSBAThEOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzIxNy4xMzguMTk2LjEwNqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA05NzcjQU1TMzo1OTk42gQCCAHgBAHwBJnc8qABiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFJ_oFBAgAEACQBgCYBgCiBg8xMDI2NCNBTVMzOjYwMDS4BgDBBgAAAAAAAPA_0AblAtoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBoIBCPO8MRJ8bnhOQkdsa0FBQUFEQUFrQ0JRRUltNWpRQlJEc2dNNEJHSzJ4WUNBSEtBQkFvTlM1QWtqWTlmUURVTGd2V1BRdWNRQUFBQUFBIZYQZUFDQkFRo1hBQUFpQUVBa0FFQW1nRUNDQUNvQVFDeC4gAJCABwGIBwCgBwG6Bw8IABAAGAAgADAAOI8JQADIB7DxBdIHDQkADboBHgjaBwYJJ2jgBwDqBwIIAPAH7pdLiggCEACVCAAAgD-YCAE.&s=8248f1129ab1bce89437dfcdb2f22b949626258e&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8115962871238671285&vd=ct~0|rr~6&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
ccb4c43d-bded-4465-9b54-0acd06c802fa
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dv-measurements3094.js
cdn.doubleverify.com/ Frame AF6C 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
dv-measurements3094.js
cdn.doubleverify.com/ Frame F6F2 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
dv-measurements3094.js
cdn.doubleverify.com/ Frame 2472 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
async_usersync
ib.adnxs.com/ Frame 7CF1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
bb7f28b4-fa9e-4354-9d9e-df3a3ffbaa0a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dv-measurements3094.js
cdn.doubleverify.com/ Frame 20D9 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:04:11 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5816 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 311151
X-Served-By
cache-lga13626-LGA, cache-lcy19229-LCY
X-Timer
S1664946252.694127,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9DAC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 313564
X-Served-By
cache-lga13626-LGA, cache-lcy19247-LCY
X-Timer
S1664946252.693971,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 446D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
d4b8f93d-30d2-4bd0-b5ef-63c6106b3237
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 67E1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 314350
X-Served-By
cache-lga13626-LGA, cache-lcy19224-LCY
X-Timer
S1664946252.694941,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 840A 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
b899462c-eda3-4cab-a0f0-79053d007556
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame EA34 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 311152
X-Served-By
cache-lga13626-LGA, cache-lcy19229-LCY
X-Timer
S1664946252.734677,VS0,VE0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5811 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
107901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5811 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3A74 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3A74 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
107901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
dt.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		781 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/dt.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f5e0ffa32fd250048c345a9e0c49b670a4467e31c580f4fa4185d74483c4729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
781
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
intel.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 2F6B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/intel.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c541bb1bb0311d73908bdda3985cdd96b052dfe631a257f63257432b5641307e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2176
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F6B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F6B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
107901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
vevent
ams3-ib.adnxs.com/ Frame 0776 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDl1e6lqf_x00UYkN7ilYK4yI1iKjYJrpNEMso2pT8R0J5-XiiUnj8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeJryBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFRb0FtV1FpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUJnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TWpiZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXS0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQUnpXY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAWkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwMjbaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjA4MLgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxiQlBqRUZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXTUF2Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHmvIF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=8447fd1294ab3469a6583a33167ab03f65e9b992&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.94&sid=8115962871238671285&vd=ct~0|rr~5&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
1ce4b9f3-bf61-492c-8baa-30daee51687e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame F1F1 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDWusCJga3hgQUYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeIL2BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFtb0E4aXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall4TWpEZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYb0w1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQE8QzRCZ28umgKZASFPQng2Yj5lAixJdXlsUUVnQUNnQU0dzQRPZy6RAUBCQXVDOUp1RmhSZzJrWTdEOR15AEIdeQxCaG1wKWMMcVQ5cAmBAQEEQngBBgkBEEI0QUlrNWz0gQE4RDgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8yMTcuMTM4LjE5Ni4xMDaoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQNOTc3I0FNUzM6NjEyMNoEAggB4AQB8ASW3PKgAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBSf6BQQIABAAkAYAmAYAogYPMTAyNjQjQU1TMzo2MTI2uAYAwQYAAAAAAADwP9AG5QLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gaCAQjzvDESfG1oTlZHVmtBQUFBREFBa0NCUUVJbTVqUUJSRHNnTTRCR0syeFlDQUhLQUJBb05TNUFralk5ZlFEVUxndldPNHZjUUFBQUFBQSGWEGVBQ0JBUaNYQUFBaUFFQWtBRUFtZ0VDQ0FDb0FRQ3guIACQgAcBiAcAoAcBugcPCAAQABgAIAAwADiPCUAAyAeC9gXSBw0JAA26AR4I2gcGCSdo4AcA6gcCCADwB-6XS4oIAhAAlQgAAIA_mAgB&s=5e24dd44e9a9d99c63d47dcab3eedad5954ed6fc&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.67&sid=8115962871238671285&vd=ct~0|rr~5&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:11 GMT
AN-X-Request-Uuid
76e02d66-b37b-4f8d-9401-c1154114d1ab
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0C0F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 311155
X-Served-By
cache-lga13626-LGA, cache-lcy19229-LCY
X-Timer
S1664946252.921709,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 108D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 314351
X-Served-By
cache-lga13626-LGA, cache-lcy19224-LCY
X-Timer
S1664946252.917885,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 570F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 313565
X-Served-By
cache-lga13626-LGA, cache-lcy19247-LCY
X-Timer
S1664946252.949673,VS0,VE0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BACB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
107901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BACB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7030 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7030 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
107901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame C0BA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
dt.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		781 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/dt.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f5e0ffa32fd250048c345a9e0c49b670a4467e31c580f4fa4185d74483c4729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
781
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
intel.png
s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/ Frame 04E9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/intel.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c541bb1bb0311d73908bdda3985cdd96b052dfe631a257f63257432b5641307e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5806834784028106558/bb2301g_0001_008_632803_uk_cs_sb_fy23q2_oa_precision-5000_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:33:31 GMT
x-content-type-options
nosniff
age
63041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2176
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 14:06:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Oct 2023 11:33:31 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4401 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sholke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
83981
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 05 Oct 2022 05:04:11 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 313566
X-Served-By
cache-lga13626-LGA, cache-lcy19247-LCY
X-Timer
S1664946252.997964,VS0,VE0
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame AB3C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3B19 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 04E9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 04E9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
107902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B0D0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:05:50 GMT
x-content-type-options
nosniff
age
107902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:05:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B0D0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:02:52 GMT
x-content-type-options
nosniff
age
151280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 11:02:52 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 72E6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
syncframe
gum.criteo.com/ Frame E6DA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://friends.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:04:12 GMT
server
Kestrel
server-processing-duration-in-ticks
680784
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 01E7 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://friends.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Oct 2022 05:04:12 GMT
vevent
ams3-ib.adnxs.com/ Frame F062 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhCGvc6N-eaArTgYkN7ilYK4yI1iKjYJWUNn1mXBrD8RjmMjsoG5pD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeLfzBYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFZNER2YXdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3TmpIZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFXdEw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFQQnlVY0E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFARkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwNjHaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NjAwMrgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxuUlBqR1ZrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXUEl1Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHt_MF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=7d951d7160101c764c36e282f94ee8baee543603&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.53&sid=8115962871238671285&vd=ct~0|rr~5&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
472abbe2-748f-4800-b832-e96a5c409514
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 58D6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 07:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 07:52:31 GMT
visit.js
tps.doubleverify.com/ Frame 0662 		1009 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1025&ttfrms=34&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2867&ddur=203&uid=1664946252241802&jsCallback=dvCallback_1664946252241534&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dnemtdqdon%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&crt=170131831&btreg=518452037&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=353411281892.15814&dvp_tukv=1286718440029.6877&dvp_uuid=6828230490.885739&dvp_strhd=0.20000004768371582&dvpx_strhd=0.20000004768371582&dvp_tuid=1134447477036
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ccb838b8df3f7beb0ab226d5d625933594ef65d16a8b62f4a5ec3ef2a572a384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
vevent
ams3-ib.adnxs.com/ Frame 40AE 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLSDPDtUgYAAAMA1gAFAQjIoPSZBhDbx4W3rsCZ42UYkN7ilYK4yI1iKjYJa1AYU-m4pj8RCu1sSV1goD8ZAAAAgD0Ktz8hl1CQg8prrT8pmpSCbi9ptD8xAAAAQOF6lD8witivCjiYUEDRB0gCUJbc8qABWIuylQFgAGj-4LABeM_0BYABAYoBA1VTRJIBA0VVUpgBrAKgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgMzY3MTk2MywgMTY2NDk0NjI0OCk7dWYoJ2knLCA0MjkwMTQxLCAxNjY0OTQ2MjQ4KQUdQGcnLCAxNTUwNzkzMCwgMTY2Mh4ALGMnLCA1MDIzNzA5NEYeAChyJywgMzM3NDIzOD4fAPCwkgLhBCFmNENoZmdpbW5mb1hFSmJjOHFBQkdBQWdpN0tWQVRBQU9BQkFBRWpSQjFDSzJLOEtXQUJnbUFWb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFaLVJDYktGNjdFX3dRRmNRY1pnRm1tMFA4a0JBQUFBQUFBQThEX1pBYmhZVVlOcEdPd180QUhkN0lVQzlRRXBYSTg5bUFJQW9BSUJ0UUlBATMIdlFJAQfYQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDT2VMdXlRUUFoZ0JMUQU78GF5QjJSbFptRjFiSFM2QXdsQlRWTXpPall3T0RUZ0E3Z3ZnQVNHdWZjSWlBVGk3cU1Ka0FRQm1BUUJzZ1FLQ05EMDV3a1E4TldkRGJvRUdnaUZCQkdhbVptWm1abXBQeGtBQQVnOEFBQUNEam1PVU93UVNhbREgCDhrRQEbCQEYRFlCQUR4QgkNBQFsaUFYRUw1QUY4N3d4cVFYMlhSSDhieVh3UDdFRgUhBQFAREJCZXhSdUI2RjY3RV95UVUFFhRBQUR3UDkyKAAIWkJRDRvwQ1BBXzRBV2xQdkFGMnNPeUJfZ0ZtNF9nQVlJR0EwZENVSWdHQUpBR0FaZ0dBS0VHN0ZHNEhvWHJzVC1vQmdTeUJpUUpBDUsMQUFBUgEFDQEAWg0IAQEAaAEFCQFAQzRCZ28umgKZASFRUnowY1E6ZQIsSXV5bFFFZ0FDZ0FNHc0ET2cukQFAUkF1QzlKdUZoUmcya1k3RDkdeQBCHXkMQmhtcCljDHFUOXAJgQEBBEJ4AQYJARBCNEFJazVs9IEBOEQ4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMjE3LjEzOC4xOTYuMTA2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANIEDTk3NyNBTVMzOjYwODTaBAIIAeAEAfAEltzyoAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUn-gUECAAQAJAGAJgGAKIGDzEwMjY0I0FNUzM6NTkwNLgGAMEGAAAAAAAA8D_QBuUC2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGggEI87wxEnxPeFBsQjFrQUFBQURBQWtDQlFFSW01alFCUkRzZ000QkdLMnhZQ0FIS0FCQW9OUzVBa2pZOWZRRFVMZ3ZXSkF1Y1FBQUFBQUEhlhBlQUNCQVGjWEFBQWlBRUFrQUVBbWdFQ0NBQ29BUUN4LiAAkIAHAYgHAKAHAboHDwgAEAAYACAAMAA4jwlAAMgHz_QF0gcNCQANugEeCNoHBgknaOAHAOoHAggA8Aful0uKCAIQAJUIAACAP5gIAQ..&s=92b53c4a98f4f6454a6f60a39ab8a45ae540bd6f&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=8115962871238671285&vd=ct~0|rr~6&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/228/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
d5ee637b-b0ca-4304-a582-46b43a2fda73
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sholke.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
visit.js
tps.doubleverify.com/ Frame A95F 		1009 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1066&ttfrms=9&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2802&ddur=226&uid=1664946252319749&jsCallback=dvCallback_1664946252319956&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Doyfdjywa%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&crt=171146382&btreg=518452037&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=3840760.8385098027&dvp_tukv=160622692648.0139&dvp_uuid=417402334559.95856&dvp_strhd=0.2999999523162842&dvpx_strhd=0.2999999523162842&dvp_tuid=1116708610270
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
94915ac099f5ca10fe361655223fcb04e89daa83367829c2c8fa9b9357912261

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
async_usersync
ib.adnxs.com/ Frame 5816 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
81fa26fe-55da-46f4-abe6-2f205b946066
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9DAC 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
c9870510-0b62-4180-9a9a-45f082e7dfc4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 67E1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
cad4e8ac-8085-4138-a4b0-c3d2619f629e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EA34 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
ccd8b732-fe0e-4907-a6b5-75caba861bd7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 3488 		1009 B
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1034&ttfrms=10&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=3195&ddur=222&uid=1664946252439745&jsCallback=dvCallback_1664946252439742&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Djbsaxzrm%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&crt=174852284&btreg=518452037&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=21149694045.80673&dvp_tukv=1012540988.8546572&dvp_uuid=2778496255.452998&dvp_tuid=447469760189
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
60ae7bb89aea22f8b442b26d709c1db708ea2afd87ec400116814c9091c50aae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
async_usersync
ib.adnxs.com/ Frame 108D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
ae877cd6-6d0e-473b-a403-4bc32729ea09
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0C0F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
9b8c695c-3497-4558-be50-1d86adf14278
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 570F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
18811184-3d6c-474f-9574-5f678d3941c9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4401 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
AN-X-Request-Uuid
9620fa64-7c3e-4ba3-9887-9c54db3447a0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3830 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3OG-Hp4E5DaW8EwIvYnuQzmViJJ9G0FQv8A37cid0Rb2hcPYQgrsmgvgSZ-QL66Iq3bTeVPZPJK9PHbkcyzgZq7e9Sx-_GRc&sig=Cg0ArKJSzEsGkOTd9fKcEAE&id=lidar2&mcvt=1160&p=0,0,600,300&mtos=1160,1160,1160,1160,1160&tos=1160,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1670905722&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946247519&rpt=3795&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F1F1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgKMY65-CPVM_jxP92iUBgygVRgquQ3p26-ApFIb7_bSsAshpDIdW_TUB0BCRSKwbMpOcA8hQOmD9jlTZanB6YZJQgBHFQnNA&sig=Cg0ArKJSzGcXXybVYVbsEAE&id=lidar2&mcvt=1163&p=0,0,600,300&mtos=0,0,1163,1163,1163&tos=0,0,1163,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=0.67&if=1&vu=1&app=0&itpl=34&adk=2677554848&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946247729&rpt=3616&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 20D9 		1009 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=898&ttfrms=8&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=3125&ddur=186&uid=1664946252522698&jsCallback=dvCallback_1664946252522598&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dktlghlouxp%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462202&crt=174655862&btreg=518792542&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=590272349.9363467&dvp_tukv=559472768807.0974&dvp_uuid=144296045.4497148&dvp_strhd=0.10000014305114746&dvpx_strhd=0.10000014305114746&dvp_tuid=46927950668
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e1c7f2cf6f0543813cbec81aa43d1dead26657b3e497dcb0b366a4bce7e7e7ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
activeview
pagead2.googlesyndication.com/pcs/ Frame B951 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOKXWEnDmY-_F6oeaZLU9AdRFhjtYdRSALpYHJ0Nvcbf3CoQe95lwT72Sh9m9STBEIBN0LmY-YQvDyall5fdaGETpE-lWYOI4&sig=Cg0ArKJSzPdgIEFCnPxjEAE&id=lidar2&mcvt=1093&p=0,0,600,300&mtos=1093,1093,1093,1093,1093&tos=1093,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1250990293&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946247447&rpt=3922&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0776 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdY2A3lVgdrwD9FZxFBUycpfuYXiAzRgH63SjQDs3BUd2Qyf_ozQTRnz2RTrC-b5fyrSN_WhlkkP14bGYfvmrAWOazw4XRD3uhkjO308tFcV7G8LRlEdtmLuvoI7ZgrGKsIqkP6TQ_6O8lGloLSBA2mbA_dPwn&sig=Cg0ArKJSzBnm8uABp78TEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2763&vt=11&dtpt=2088&dett=3&cstd=672&cisv=r20220928.07983&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sid
mug.criteo.com/ Frame E6DA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=iFNzRnwvb0FyMXhmVnNGeVZZcDR2dlRRZmJZV1dwa1p0QnpweXgzMEdHRldLRGpQeVBSNEFNbWVOTVpFKzNTcmZTMGF0STVuak8wTTRmcDhxaldpbWV2ejhFcTFHcG9yOTBDaXRyTzFBbVJ4UUxpSVBYTEZObjZVcG9HTH...
441 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iFNzRnwvb0FyMXhmVnNGeVZZcDR2dlRRZmJZV1dwa1p0QnpweXgzMEdHRldLRGpQeVBSNEFNbWVOTVpFKzNTcmZTMGF0STVuak8wTTRmcDhxaldpbWV2ejhFcTFHcG9yOTBDaXRyTzFBbVJ4UUxpSVBYTEZObjZVcG9HTHY3UEZkek05eGtwcGc2UnhCbVZoVmNyRUFuNUdzbDhVUTlVYVlpZ2VtK0ZjdUJBbzlUOVJPME5LMzZmTFVMeFVuUjM0b21XTmlRTVRKOW9nS1JVOXg4MkQwd09qT29EUkxOd3B3V29XWGEzbkFpeFpKSldOdjhQaTZUNUVMT1YrendkK0lLTzl5Z01qRTltTXg5NGwxaDFiWGZOeHFZZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
bb9b6fc32ebc21ccf120c8569d7234e839200d44bfb1ccd7890785f3fb0e0fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2085308
expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=iFNzRnwvb0FyMXhmVnNGeVZZcDR2dlRRZmJZV1dwa1p0QnpweXgzMEdHRldLRGpQeVBSNEFNbWVOTVpFKzNTcmZTMGF0STVuak8wTTRmcDhxaldpbWV2ejhFcTFHcG9yOTBDaXRyTzFBbVJ4UUxpSVBYTEZObjZVcG9HTHY3UEZkek05eGtwcGc2UnhCbVZoVmNyRUFuNUdzbDhVUTlVYVlpZ2VtK0ZjdUJBbzlUOVJPME5LMzZmTFVMeFVuUjM0b21XTmlRTVRKOW9nS1JVOXg4MkQwd09qT29EUkxOd3B3V29XWGEzbkFpeFpKSldOdjhQaTZUNUVMT1YrendkK0lLTzl5Z01qRTltTXg5NGwxaDFiWGZOeHFZZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
523016
content-length
0
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame F1F1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu56ybejXGGUEH48udq3vROY0zo_vPOsdaVpwkVyCduO2C-GA9ZifKSvz0_fcUICEw_eprAz8CBL7WHlh_MwAJiIJVyaUK19rjc-KK-iUL4Nz5KpZIpXjHF6mIN2s6wd6yidXhTosvSm1dkx-BeWaAZHOcm09LC&sig=Cg0ArKJSzP6f3B9srrABEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2764&vt=11&dtpt=2059&dett=3&cstd=700&cisv=r20220928.59185&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame D082 		1009 B
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1137&ttfrms=7&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2835&ddur=259&uid=1664946252609979&jsCallback=dvCallback_1664946252609399&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dihgvalvhu%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&crt=170052490&btreg=518452037&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=174101172781.8606&dvp_tukv=497571642390.4418&dvp_uuid=22234254336.02794&dvp_strhd=0.20000004768371582&dvpx_strhd=0.20000004768371582&dvp_tuid=986118593784
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
4b43120f0be776c26b2b624d3632ab69f8419124d1f280d61c45e09cf6af33e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
view
googleads4.g.doubleclick.net/pcs/ Frame 3830 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPVTFEH0DKryDSRcPMF7Y4ZBqOznTmDCa1tBNsC5ioLWyCrrtDDn8F1Wti9Ccf-_P44ohBz8FGTSBvuxClxDN-Fvi5MANAMX228b4lA0AWD9Km31d-Gh30WnBrLf9Rclp-fp3_7E9qVGtmfDXrcWj1cA9POC7a&sig=Cg0ArKJSzMejIyiPozvIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2854&vt=11&dtpt=2239&dett=3&cstd=610&cisv=r20220928.73862&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame F6F2 		1009 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1131&ttfrms=6&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2832&ddur=239&uid=1664946252663502&jsCallback=dvCallback_1664946252663778&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsnhgrrt%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&crt=170131660&btreg=518452037&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=704970674.693428&dvp_tukv=341112912915.3909&dvp_uuid=10703545526.837574&dvp_strhd=0.09999990463256836&dvpx_strhd=0.09999990463256836&dvp_tuid=958183698941
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
620a863c35c72ca2f0c1fc73b773dfa5cf3330f096e82a428e10a0fcf5a41b9a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
visit.js
tps.doubleverify.com/ Frame AF6C 		1009 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1167&ttfrms=8&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2771&ddur=248&uid=1664946252675727&jsCallback=dvCallback_1664946252675750&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dderiin%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&crt=179229402&btreg=518452037&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=8911010.690335376&dvp_tukv=16650084.945930721&dvp_uuid=15710194663.88122&dvp_strhd=0.09999990463256836&dvpx_strhd=0.09999990463256836&dvp_tuid=85336098093
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
29bbf2b167c962be2d097895beff12fbf52280a4cd4ddbea9ecf5fae40b1adea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
visit.js
tps.doubleverify.com/ Frame 2472 		1009 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1101&ttfrms=6&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau7C%3A6%3F5D%5D%3A%3F%5DF2Tar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3ETar9EEADTbpTauTauD9%40%3D%3C6%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2826&ddur=225&uid=1664946252685449&jsCallback=dvCallback_1664946252685779&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dcgjxxle%26e%3D1786821995930&fcifrms=14&brh=2&sdf=2&dvp_epl=184&noc=4&nav_pltfrm=Win32&ctx=3758893&cmp=27157518&sid=6603073&plc=326462199&crt=174852284&btreg=518452037&btadsrv=doubleclick&adsrv=1&advid=9684977&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=30700835995.911667&dvp_tukv=370253329990.2726&dvp_uuid=15259176960.942951&dvp_strhd=0.10000014305114746&dvpx_strhd=0.10000014305114746&dvp_tuid=37389385604
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
b37eed3e8e005cc46768426098e555923876711f6bc99532264d267273d0c230

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:12 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
10/04/2022 05:04:12
view
googleads4.g.doubleclick.net/pcs/ Frame B951 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEjWsYv5G-WhHWhtavcgZ3kgJm9ZQUlfuPOAORraPCeBTtgG0tc5QG5a4SnV_vgYE_0ib_rpUQ3vccdIt-yiux9A9_ettxvlM8C702EuUHf5bX-jL8D22jGopGV6kygwwMkPCdfbR5WleG4hCV64rV4pbS1x3x&sig=Cg0ArKJSzHBNaXW478RSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2919&vt=11&dtpt=2139&dett=3&cstd=775&cisv=r20220928.30509&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F062 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7ZsJgdgwAqkUADW0S-BdODUFIXXSE_WKkNYf0w15Phzc-gh9HhH_RmdMHkq3GViWTngy_4rnTz2aDKCBarnSabYJ4nVWb2CnxgJySUphKILpzvwUVs_JoQEXi8ozk83AkdHtl8K3mxeQwsoaDos8tctJh18qo&sig=Cg0ArKJSzHBNlfixd5Q2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2817&vt=11&dtpt=2132&dett=3&cstd=679&cisv=r20220928.83724&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7395 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdfvxPynS7rYt55Yn2oHpHGb1ghvDem7lPE3-kKegLrPsFfNHSoQl68PkeyA5UjXxjOgC6oSpYUMtkJUfoCgEadJoDdTWTQtDqkeleiqRjMjJQpwYmane3fjv7m2fdGMxPnsxEsrdcxqcXjbwVOAeelxiAiJSU&sig=Cg0ArKJSzAirnXJlZ9U3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2796&vt=11&dtpt=2121&dett=3&cstd=672&cisv=r20220928.93701&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 40AE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5K2fWtEyz-0krh81FYevuZEzB3YurG27r7Z-vQxqb5Q9cex5wD4UbC-p5sPeujHpUxB3LwwWL6Lc_aYgXA0mrWdz23poTVypnO1cwECo2f0O8hPBWdfXlf_8254jjuRy1tAEBo4BVOFXfTncpduYAaT8pjogO&sig=Cg0ArKJSzIftzukUcgF2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2713&vt=11&dtpt=2109&dett=3&cstd=598&cisv=r20220928.83605&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 85FA 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoWE2B87PY4sYYh8ayvfxeudtEzEDoZ8ynC2LUkDPactYPQthAKgJTX-p8ubiVM-kU5qwrg-Ock5IqG1qyO-buo9F0CTc9lUG-oXDXoMdCJ6Uafo3DoSU80X0AYlx3kLiLO14cS8kR8I9b_vccVH8_ac8QOeD3&sig=Cg0ArKJSzGKtTD3spMVIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2793&vt=11&dtpt=2144&dett=3&cstd=646&cisv=r20220928.99382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: friends.in.ua
URL: https://friends.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F062 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4NGRQoZdZ7xzMOvbbBv3UIwUol8BgE2hnEmt3eHVEKejGoiMVNpDln0xGGbee31xNSPmXhIDStfPIGnQ11oHBUPSCQJprc5M&sig=Cg0ArKJSzI8hz0U8WPYWEAE&id=lidar2&mcvt=1191&p=0,0,600,300&mtos=0,0,1191,1191,1191&tos=0,0,1191,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=0.53&if=1&vu=1&app=0&itpl=34&adk=2928284355&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946247748&rpt=3823&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0776 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst79cfU8HkrcXeS5erB1RLWWypayxTo6uQXTPiOr2IXdQx-NjyaXHSn78LMZ8hf40NGYby0OJK82ty6qK2PHD8qBuMPsyxIRoc&sig=Cg0ArKJSzNgPNTisoFbBEAE&id=lidar2&mcvt=1138&p=0,0,600,300&mtos=0,1138,1138,1138,1138&tos=0,1138,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=34&adk=2973613050&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946247662&rpt=3954&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 40AE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvii-JLKMPnO9h89yI4d5dAS0wpORDtsGFvDUvcG5zicBxhxX-LUMGPw7ApNYYpGPyOG5pIYUBwFb_ooqRl-nha6Ctc2cKREaM&sig=Cg0ArKJSzEeCTTOPT35DEAE&id=lidar2&mcvt=1116&p=0,0,600,300&mtos=1116,1116,1116,1116,1116&tos=1116,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1066843456&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946247422&rpt=4323&met=mue&wmsd=0
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
COMMON.css
c.evidon.com/a/ Frame 3830 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.06589118992190213
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame 3830 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame 3830 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame 3830 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.010413042948080653
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
COMMON.css
c.evidon.com/a/ Frame F1F1 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.7335548254556166
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame F1F1 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame F1F1 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame F1F1 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.631778017181928
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
COMMON.css
c.evidon.com/a/ Frame 40AE 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.792095535703006
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame 40AE 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame 40AE 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame 40AE 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.9249532937535019
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
COMMON.css
c.evidon.com/a/ Frame B951 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.9740228797123498
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame B951 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame B951 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame B951 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.75949600266497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
COMMON.css
c.evidon.com/a/ Frame F062 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.993847650278469
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame F062 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame F062 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame F062 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.5929575884539064
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
COMMON.css
c.evidon.com/a/ Frame 7395 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.9053089621464423
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame 7395 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame 7395 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame 7395 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.4458209037810923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
COMMON.css
c.evidon.com/a/ Frame 85FA 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.4583024216140288
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame 85FA 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame 85FA 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame 85FA 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.7501372588095936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
COMMON.css
c.evidon.com/a/ Frame 0776 		2 KB
998 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/a/COMMON.css?r=0.08664720836174489
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
box_19_top-right.png
c.evidon.com/icon/ Frame 0776 		109 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame 0776 		581 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r220928
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62
8096267
date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/ Frame 0776 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/ct/0_0_0_153615/gb/0/1/0/0/0/0/300/600/242/1267/0/pixel.gif?v=2_1&ttid=2&d=sholke.com&r=0.243811264512664
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.139.110 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sholke.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:04:13 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0105 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKBwPSRA9Y4iuJPmz9u8PsoO_qAYAAAAAOAHgBAI&bg=!enmleT3NAAYQgTJdMIE7ACkAdvg8WuaxqMQrtJL3IRcl9sbiv4-fYu1yaaoCMAFEEZZy5WDs7sH3bQIAAATmUgAAAANoAQcKAG1GirGrzSMpgrRTaZ01Tn7yKSVKMF5sSA_-KoL66sbxduhs2UMer3YZVZDUiR87ipWUbrIxKL7EegLf0WAWI7rgXqOV3s0wiwMafruIDfa4lUqhf0fm8oALH29PvdfZWGooeTTDyPyrjYohT2JFmQLIlQ95V-ParClua_qsY6hltT1uNs-yCnFK9lgJZGPo2SYpR6kT0-DKq13-MP84RzDfjF4yARReTo0wh8XGIpvDcCYSsZVCdSFCWMGXOUXr0zmXonvdTII0OEOXlCGBzlgFyX7Fiogd4-le3TMYeAOQ4z_sUKSYayNRXx0ybpZWnefyUg34VuMJJ9aobPSKuAojFUXfKjfk9vUBsUSEUPMPFJdpduX_hUTDli5nLtUJ3jXugjFbEL9fBnbNr5LW_HWWYREZxPz9MLVxQ-oa9dfStTefSF3YoRd5yHXWjAxAe_eKA91uvLMk8pMp6MOA1tqjnv7rcve8TlVr5cUj4WKGtVFxNcthAUNqGf4u22AI4erGqw3YObDV14VygmUDBwkMpM5bWy3liqX8ZpKNr8uiPC7koaQ2uJQdMuoFdeOLg-m9uumIo99ixgcKUuA7ByQFEwvNx0U9rRPSM9HkAYI8QfUUjsfHFzf3p5xAngJ3jSiscbTzibJv3H4ZjAKdrKfcR25RnmRbk3LQpsaL0zVtXkt0hg5dj6Q5CJtWUCG4vlu2UuJ4eAUw_3w-KxsXoSohYKUhOCHwgbrnhh7jlperk1pe5NyixoNx6YDChvIE5b5mceY-CIjXy4P1ua8Kxxqcmm9rLkAhfIIF_NfkZ-Sp1c4iK6Ut7KCCrDdlVvzTXXt-4YaebdIfd5UpIV2KxKXMwiPYSqtkp28qbgaW4vPDfAYej5_EAoKEzI2xZYZP0iZJ3ZF6RKH-SNOhzu7rRb89c0A_F52p0leusJdYos4BdSH0JuuubWNnkWYYuTsPSmNBkqtFDMBjZgcxc38ytGZclX3LdIdDDE6Y1oc88dDpX_QtoS12hJAoczTVK8JPx7x4ZAWtMHCwz0e0c3fhJ27ESekz-vcheBR1WcERmiZfjRmDlgu0eQmpN6ER6lAT0q0XDYmsbLrBIQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CB8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQaq4SRA9Y6iuJLe7x_AP3eeemAwAAAAAOAHgBAI&bg=!Dg2lDUnNAAYQgTJdMIE7ACkAdvg8WrY5BUvzvrhver8A1OQcmAdJOHjFvfTQtQIVOMAbGeVBQY5qKwIAAATYUgAAAAFoAQcKAKXWLhea97AZ-OGDnhozSPjgNKVmVuKHh0wLtRn2j63WSlDo9XxddWo3deyLSvEcYZ31oFsG1y2pIO71rQkA3kqBtSfFLORNSEzHwNM4JYfxzXMy3ekCjYx4kmtEuhKIfVkdGL9_THJVAepFLJJOYLjFJxcKYVLQWGszFmymeMfTGwrYwEW3kUyzdul2u0_lzMztOm6twIUwIMB4ORrVXwIFNEcO1GaZAtBOmusxj0yErRul1p-d6DZ6jNvjkjd_5lOv098-UtL5m-C1cWgRSWpxHmrX5I4LdGcoao0-WgnpWpcR1AQfJiHHWbai7iSbs09SYYZilH5IiohnWccye587DzUF1iCws7uvTHEo3JWLyhFGRj2ICZx4f2weIUo3tgN4bqwemZnbShs-qHTiNjI8W89XUGRk2KX88oxLhgqM31AVoVaN2kssqziD7CvSvkz9SoLGxJ4v1zSeHkOoJe-luPnwYCrJKcPA93OjINNv1tvUAcjmw7S-suHjvNJOVZL55j3MEuW6geNKGVZospEtS7NgpdWgNiaCqdCrWjXDM4Tn8GUcrF2PncPFVidYJbPNivmGvZnssSuBD9S7gHfUeB1ku7k0xFQs2SwwI_6YWjb-nJ23OecpZTSZ4uhK9JR4_nHQDGHaONgkEJKembScK14H1UIeSDN4Z-YS5EmDU6pW0vUHUhHAFuHvXUIbxQYKV9Khi1A9OQSTvp7ngXwQMqXhyWegEnasF1-jvjDiu0Dbz4H0pXumBDDrmBrDq4tFeu0C-OcZbOY578AdUSWhHfG1NB1_qy-dQAjvZNbRCbbLovOiYzqOr9XKouQ_qH9E2PBNz7ZCC2v2GSBMgkLRsFzaqfkWkWkzypolOdjAQTXqsozRU0rzMerrpvtCvy91wDWxIgG-pARiAwyYchaHa-Q3uqfkaG_fPnsy_4ec20rmH91LBm5zOCsPg4gOQhk8TQ3x6ayRzZOAN1W6SD1kV6t3Hy7VAdlYsyEb9EfdKhIlnZz6gE-DhI9niYnFVSnyZMbyYEKzbN8clXO_owGEdJwWJI7BXfYZ_pFQZHZ5EuDMi1l7m6tmjCNbevKH9CdnRy35EHQ3yYgKHDm0VYIf_VOytAtQyO8Z-N_IkBh6AH1s-fPSUO4kySDJGuHuSs9qT0ubqLybMZ-qOoBkeY7oRrbNGgS-yKo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BACB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEv_DSRA9Y9meJJOq7gO91o-YBAAAAAA4AeAEAg&bg=!zM-lz4vNAAYQgTJdMIE7ACkAdvg8Wp-A6zGWgFoTU98iQIWKrQwdBRpTluezXhyy_2Q7LdMdGjLvmAIAAAQcUgAAAAFoAQcKALfteYaoGseiQoFzu6_tNqIE9rID1tNMjHSnUkBBq6dLZdOaR1IvV56y5WcpWObqlEkhy9wVIOBPs4MSF9YDglcOp5QR0vF5r40eQ_KNIUAGhFURl_n3xMhxnbCKF_HOAdL7QCnQR0MmRS9jPsOZRAklRGtbmSYKRj6jo5LaqyKxeTyff7nllKjctdiV2SWDJFFdTF5isIO1zc0JB4-5_PIyMLcHyALobwAawcw1OHGyuLrxJeGuF5KZAsK_Zlmn1yeE2Z6KPaT1Is2nMa60hgi5OxjpeXNy3Hu42mhZrZTYFrixtrCot7sE63pf21KEEViAgGj0i9z_tp_4J44Dw9BNM9YQtATlFKTUuqjQONrvHaq4UY9YtWT2apjm5Ossk8CJSo8YTHgnsN91SrXepkvu-g6kPjRRQbEGPj_UtUZOZg4SxmDavv3mT_XTrO2GBRG7hy0GIwj8NUXUMGIWMPjyAmxCPiUl38vQ-rjjh_nhSrDYssv7pFI6hmHBvwf0sJYK1EyUFnpKDWQjg_HLy72i5p9U1w5_A-q9YStF8t35NEqzAlQLHFpPI4j4E8du8dwJlrzz-PYt0wh7nPA29jfFDyZ1bOpDs0XLa-EMHFGjWbcUhDCR_u2zWCG8xZlXEtoJ8WZmj7pc75gIgVpYvtZV-tDlVz3X0mYW62D-x0Y_SMk6hgtVWmfZg7FjeNeMEMUEeYBWwb0dc35cnr0cYIG4n9ewsHt1ZlIqx1NoDiNGQWi_dYyPBoPe0MPf4wCX2PskFicFNhNAXvPUGtRbmBpWIXlc0B3CsFDcGOuaOvNIN8BNsKOUXc0hI4bk63gfE33F0jQnBj0f1fPO6CQtSVMvEwL9O2B3_OYVA1iKEHzkERnMxVhvk-0BEO5X7aR9VH1AD7FYRwuXKkgsIErbTSgmthEJeJ5qH6Mhf4NJBB2sD9WiuJ1uLsgTj0_yV-74SvprDTslmTA9XAzSTHg0geIBrh76tYjxppIj7ZZZzvg0YzxtoD4D4YVOpeLWAmMDOvxr9uJNd25xPgOC3xDwWhe9KFpG89xLd0PDiull1T8YV_gGTupM9mcLDzsFtvrixAenOxZJfXtSTy5Z_FpwaRzxnkWJMRjTc97GkW9q61r9LEYfxQ3R8NuYO-__Ct8ghv2P2mGIkaZ0EkU-2dojkj6KHCT6LdrBd8rkxpKk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5816 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
46672d39-8bef-4e97-b08b-0fec659238d1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9DAC 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
7c73d83d-5a45-4586-92ff-19f9349f0eba
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 67E1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
bb5d744b-68c7-44dc-b8b1-f994eb8154bb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EA34 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
c7bd9a8f-44b7-4c6e-a421-f94db904812a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A7AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXrEISRA9Y8iuJN7nx_AP8-quSAAAAAA4AeAEAg&bg=!Tk2lTQnNAAYQgTJdMIE7ACkAdvg8WqAhYYb8JYjagxFDIZZnuIlNzUer4wVzNrzaq2NZ4FO990Vk2gIAAAOWUgAAAAJoAQcKAC0aCSVsQS2j6h7jhuCEchm7lVTvwWNEUZH44I3tyz-_WvGgQJWZq5KczbSZp8CZAtAjgW1VeDFTphS1bzU9JzckYULDiz5lRhN82_0ZFAkKZQKwPOiQt54wjod0AMLNk_nwo04965nD2otg-KQ_DgUPidFbqNjS0OqvmH9ueXvNZFVWBG3BdtVXnhkRUKIASdHgve2PxVQKYt5nmTNKJ14xeO0zwuWTlzVCJnTVeU8ufPTLbgayRuJwI0ks2GvLdGbjV0ftm9-gcNmdJgWGm3yUtdyf7A-jCrMHTkXpbLJnZMiNjNxYpSuWT0E9NhIAcvftsaAJpWH0K1D7cSEWzQyGBMF_WlPPrvImHxRZJI6YoOyrKIqNszrDzHytn5G5a-FOxA7c6HITzpvhrv0tfQWOSIHuJNR2EapejtElyLRidG29h-YVFq4B2Nxp6C_GGEWDWKGmFkeVNddBJblgZhm8NWdmwvUuuK0pQKMTo_0yYZ-Z9wJTAsscVQagw_X73hKznHBLnJqMfEqaEFJzE8kFkm_SJrldjl8kOhA3TLiGosJRwUWgFwSg8ztWnL6Ca9IUJKw3ZJRyiQKq0krq-q4suPpQ-rqgMLbzpYyKLxKOTLyZ-pWxkvGT0Xfc9EXZhb0LUAjj_8tz1osq3aRYxiyrHUTeUuTVDBDjUQ7FtvzYMuL3qMd-t_VhPzrZhxeAq44h_PmgxJdrk9qSGshh6KqWjWFjY_T4LSL-k8XRsYgOOwlMuDHi4C7qXGk9RG5ki1dCv_ZMElyq-VDW4Sgxe9Si_riDX6OYP70B6gm-0Qn--LWGDv2L7mM1XthBkPre4LxzQ_pk3ZBDSrsw-rOdyb_6heLCm4mJCeuiKToem3ES_nFOa6lLTICxNw_kLPQj1pYM44goMmM2K6nGvwvYNwhabJfTftmIMZWSbJIgE1CM8Jqb25gPggA8ay9sPERQy_2imvM5QUjKzjp4JHPvJEFY-GigZYx3wcxpq3rSjW8IMr2WvP5h2fqcjejpyT6RyIs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 108D 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
4b0de515-033f-40e9-afc3-465727d6cfa2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0C0F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
6a75159c-5265-4c3a-9e25-da0c76e034e1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 570F 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
f26e33df-9ee4-4c97-9ff2-c13775c763c0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C0BA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BugYPSRA9Y-euJIGQ9u8PgO28sA8AAAAAOAHgBAI&bg=!g4ClgMTNAAYQgTJdMIE7ACkAdvg8WjxWzxz9B4W4jhRi5uOm5VkpDZOBdqsvbkZfwMbWFSkwwowAoAIAAAM6UgAAAAJoAQcKADLIU5bKngssLPtE25xqbscaj7_0bCNLhjBAxefReW0pN8Horq00EmPylhdSpRzdF4SZW5kCzUiI-Oc041EikO1Nosd-tDrf_tIXvO1Qkloh-_s_cC0w_WJf079H1Hzl-To0Cw2n3MKy5m79xD2THtC-N6xwDahRQmzWyPiR5MKJcW9LsuFQ1aGdQOQfR08BLm7aBv_qtRqxCcdvYkcSpTSuu5_4cy5opKmiWWqo7ifc_7pSjQ_jjnWhLVDKt2IVCvpZZ0GpwCk5OjA9ZPI-6WD2ILM0LLDopNvIuMl5SjwM2c18kOVYj0wMlBNB28j0bkAgReELkzpdscnwJxR1zKBN2sycbELvlA43Lrzc5Vae9VQtJvW-oF_hkrFXVlR109DnyOafNC2hSXZfTvyJXH0D38bh2TaZn3reHx0sup5YjcgwYkuQUcc0wKkFAEcqQSP-NyUpZBsAC73YMxIeAqNElntEsMSx5mjbTe_628hjUnhfS7OpqEey3Fm-s-WxEk2SVREd4Z-aMBxUYkMNXmxKdlynzewR3eV8KOC4hzZ8mMt5GUKlqxLnosDX1kN3etyVVPVySFspH6kTIunqAGzjD-mRszgvtHMrRqlSO1ZiLKuAfyKNk7oas9yvhAK2Ron7FEUucaSPl4gqY6NEXWXNXqP2Zge63hvJC5cSUSwUooHLNBICmf7t3oh0FxaRe42O_f82C5qLwlLjEpjGzPX-pAL8LditEc1YbtZPhGcqqxcHOBbG5z80ZrsA6zrCMN2EFlXXoN1vDiuU3IoIbXr3OGlm_QmQzf_8hN0oQf_lEY7N19bnxf34mwzYlCnJEro_wsRIpWiXAvnI4oWx6UQmUBBCvND7TXqMurvzG3I_0Ig1eIBbAOY-fv5dvk3w_2d6ASHBX04j1Ii2Huq8GjMRtG8atO9-c2cmy1VBJvMkoKHt6p4XOfCELC7zpToH29NC4NLjw2j1wm9pKXWYnfr990vbyDIzBvA-GevpOrL7emdayFzCUOdVlA0B8pReXAe8Tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4401 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:04:13 GMT
AN-X-Request-Uuid
e8e17a73-4e57-4b81-aa1c-72f8e59ed0aa
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtqvySRA9Y7ynJI3D7_UPrImKiAcAAAAAOAHgBAI&bg=!paalpuLNAAYQgTJdMIE7ACkAdvg8WkRUqmYyn1_pzyZHZR-fwuwcXfdXbFz0Py_EjB_BTHZrhofBjAIAAAMuUgAAAAJoAQcKANJLXrhH3S1hf6b2twrldCWvn8zfZdph-tY9a8oq0eESYPV4L75wTCnGzHo_W1o0Dw8oX2yANtT5Z_kKv5vi4OI9iIBTVTfQfA7RCpyc9gNDwmUgl2n-JbyvVaxUYZ0jk4HjHhPRlDpNppP2lsfqVzu0MOtUHl_Ok9PleW32DgXn_i0g3-zSY4jQjYg-5pw1y8tPGGp49k55IVTrHkJAKu1r0tqv3JDp0_Zrzu0e5fjnpA7uWOHJCTWSa8Cuvue8_Uqtwn7ELp8Tt3UAJaCVTpgS6rWZAsR1v7dvNuCIiSEonxdYHWEICgtOefvOYlNQgC21WURlpbkIr-LVyd-mOhHzVXIrJnetniN1uApjDztFGeW3BgtAqU8RgO3D7IH6E9SW9nTZP16Gd4H_HZGjxt_Gq4ssLd3sSXlvzBcY7hjBHWArXws1F8kRQEpK37CUUaZeJmYWWDlA-ygHUDZsRcoj8EloL7zxRHxjpuC8dAXZZfQyO50F86vtiL0T_c_d_cY_Ju-RGNj3MX164xuiKUiXnKdpRgxTdD3KVVv93Tf5sC-MvtGa8e1xAV6Km8BoiXrQvkiinjMI-BFxZEcYVqP3BWkPEmarSjTivHLMNheb_mBc0TLP71C_x_m3JTEhtfhCCik8d3xeY0AUeYbYPmHEIsScxbBopfyPwmlCIEJKkui1lFKWHWKIsNJ-QSlh8gfB010hudpLLWf1RBMbqqYYo-1jTpMnvaATWi11KS0moV3I14MpZqx1LAj-fpYGdw-geoADDHEfydH-eZ_xOPAdodBMxvKgPU-Le8Z7Rqi0JYWwUJcqwVjrrp9AWY1it9zT9K5DkcyUTbFMS2BFBmVlqnIC8ogIsFsSKPzQI9Qj8Pztdvo1kEcfI3ZwPlWZtUiYP7R7BNSraFCNO8pnnFunFqMWJazZqKc0v13TQ4zVi1wvpUsMFykdmyM7IkAgQib62plwdO2qBc8TckUJVkhrSxS9avayb6HfMEyhWg7pUckdoOLvdG7FSI9Drnh3uBcVt2QrkP5VIi1qMFZPe6rCThyeuKY_yATaTbpW9QkTFfAT9Sox_kbQlcsxELtI52xIHHcTWGe4c5bTyW1f1EgQB1u8g6xsWSQg0zKNFXvema1xzHcDVz7KJyUAOOZEAsbdtj0pQ3sDz9Skq4QUvYGCQb7pebeeGC2UCENLYKFPvCXeDds0qCSXsJ5x9Bzp6f2y2BoBg28vHcE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72E6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8W0oSRA9Y7eeJKWs9u8PgeKYyAMAAAAAOAHgBAI&bg=!T0ylTAjNAAYQgTJdMIE7ACkAdvg8WmqCu5XackAATXUCIOoWLKc4XceQQxXRKtNRwf4PvFoti-Wl1AIAAAL3UgAAAANoAQcKAIadHWGQqAztZkzml9dz7lgbCaDm31rlO2fKOj5QRuIxd_eNUXLELpTJz9hXZklezGzwzJpQTdKC11yE4OfLrtsVak_hdA_SCb8ejcb4o7hbZLjtePhxb_ydKL2iF-eOqxu0y10Fq-RzZuOAQXkYAOq_tmAB7hnusykrObBy8iMHFsfkCiuva5kCzwUGJ8vGS8mgJEXpDqr_Deo3j3NEKkx3_UjQBIODBbOpwVrqydRAPJ-4refYBM1tCK3Udj3zLI__uIkDHhK10FCYrX0RTlr7Ikq2q5C4_LvRbM08nQ1u_b-P9-3yBR7ApWA1eSIOdyh2Hqsg8pRgvEaWh_y_vL7fzC3MPiay5Fc5ZQ6j1ixjqP4QnUGHoBaA51K8sr5Hv0rd5qzrNNbVGjlCZbzgfmGX1HPGrAljNdSNMut69m2jHTP-KRsZ4qrRCT3y5uQ79nd1o33_XbcWxEOcJgbHbHDouparTHYI9-G1KKnO5bKMvHhQxVQvxBksM2LkYjq9PszidSWhfgFYdcec5nqD9IO7osMJ-OiQpb_C8ycgJQu3uHpqmsKCPtuw4otSQ2kB7QvriSUsY04OXGX4YVi0vBtDNjMZ5jdMlO6pjWTflVFj9fTqkzA6UbErrttgqr5t3sXi8a7PnC1TjvO5vBjGpHz_sfhV32jdtfFQSfyd788qoGAIfveLzo_AgHQBJ-DL8dSmtaEFmNYvq7Efdl7voav3S4Gxvfx6zUevno2Vi3RF_IxF7RFtil69RNU9ZtzNFUMy8uNIzhXtZ0WeCMQavaxfgB1EaQkfygDq2RaFHpbBFnVd0lhHNT65lpZJ2hqoQvXAN78iY7DevyCMopC3ds1oz5Tsg3BK_bJL6ZXoTp9YYVpCcdudK0FJxvIdg84iajh33iUo2vZMNYvGCkpW4KrYTBRe7EGwON5Py_boQOCu4STovSa9r5MyiAWWM1BQoYSnwphAJA0XU7xpGNtjvMtufVYac-Zp4sX0dSiZMqFfFeqhOQkXcYsjjnmre1wUlNw2q0mvUCPq4SEtTa-yf-tr7yPP2uT01Arz8Rb3kBhdqIpYYyB3k0z4vFxzU2TlU8GLk4UCeVJmG11nZbqh5503-kCkCp8uST0sAMLH1HM6G2vlZBdgT3pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58D6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcRUcSRA9Y6fNJIW13gPDyaj4BwAAAAA4AeAEAg&bg=!2tml2Z3NAAYQgTJdMIE7ACkAdvg8Wnd-_cuaeQD3I5FJOAMZA7zityYPZJ2JlgyVx-efpG-htz-IDQIAAALMUgAAAANoAQcKAJch01tVtv718KACGZ29q0NSik-mIIwchdUDSgD8D1HggRE0tyQSXvNhsyp6tfY5sfRb8fz2CoBfJaAeHCLvYnUNBvO3Vk3ZUMDxCpBOzFWAVKkPm5EUMSPL0e0lvkLf9ZvGB8vMn2bP7ltNUrR4hu1GSyXMZlU_HU1dC8ONT7TeUInL2BOK5cOZEKpe9ZKogJgVH5WcnmREmQLQhxpBsb423al6aKJtvzJs1YQVGfKvdVuwS-QXy8Xaj1cZNj9unNbw-1p_z82ghX5QbyNkfyRzKRiswPzRmRgq1gz3I0-rIgJ3HDRPpOG4hrXbnpP79CXl5yhEomU6mOV-S3DjB1E9FyqmdVOFTmFTBjDIXjmqpXv4Vy-KYQ1rVA4zMTtD2sFZfG_0v0c1UNUg4tSo2QOiQj6rG6udNqAxA9_jXvavy6c4Pz_KB8ieoBC3QI6fOFdBlsrwR_OIk3R0zmWJkNTysx1-JI6Qjfn73Ul8sHDovUQVX4MbfR1HXHuI3qLTQlAaiii1rL6CjVZf4NIdDj6UpFvhK_t9QszTXcpk-G3hh4IY6Tc6pJjx8sbEUmiBGGtI9ilmkB_109Yjxy8FANIvtpQq6sx_cx0m9DwLMRVup6c2_iAQHp1wmlWHxbUj77cSqylNtN_cuinaxV4nrk3ZTxiDoMBJ3k95IaZn9pI3d3EW0-gIXW362DyY3jgSOVXHAxHzShPuWzo-Tu_PLKBcudf1l1D0sTwBB8dWDOX6OcxgUhas-T0lmEBa_mqZ3jbk39xvaxViEl5BF2SyBQRriGk6GHDVtbWN-cc1AZ_sFcotIqknYZ6MB3UV_O9fG9Kdf655u-Aqafl4k-vNLEa59Mpr1ngf2rod8t_g2vX2hD06Do7YA1kdXesfkvYXyPuvarWtapE3n1IXxjNlG2j9fRV_h7ODB-oVqLSAgiHvvuHPQHm7LZ6hPhNDgQ2k46gXik-9D-6aPzprhGfUV7OQotuPnEFEaZ5Xy0Gxh_6cNpqa8nOzqjvaejsQs5Lf-ps536p6O_LJfHIU5jXKowp2h1bBnweeRaeC0WyeE78jGm1q-G5Cu7BUDUOcSmBrePe5_JWjLdNAtxDesgYSEa9GfMR6_TOu_jjkeorrFvj2pj-A3xRsZVHTm48XeS5Aoyx5QPJGyPLp5iV6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:04:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| head object| s number| __actualize.js object| c_cache object| dle_poll_voted function| reload function| dle_change_sort function| doPoll function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doCommentsRate function| ajax_cancel_reply function| ajax_fast_reply function| dle_reply function| doAddComments function| isHistoryApiAvailable function| CommentsPage function| dle_copy_quote function| dle_fastreply function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt string| dle_user_profile string| dle_user_profile_link function| ShowPopupProfile function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| subscribe function| media_upload function| dropdownmenu function| hidemenu function| delayhidemenu function| clearhidemenu function| $ function| jQuery object| html5 object| Modernizr function| yepnope boolean| canRunAds function| doRateLD boolean| logopened undefined| auth_window function| set_video number| need_warning string| video_selector function| show_warning_js function| append string| GoogleAnalyticsObject function| ga function| show_warning function| getCookie boolean| autoplay function| minimize function| try_vip boolean| need_play object| jQuery111008795830746979214 object| fv_word string| dle_root string| dle_admin string| dle_login_hash number| dle_group string| dle_skin string| dle_wysiwyg string| quick_wysiwyg object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt string| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_complaint string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_reply_title string| dle_tree_comm string| dle_del_news string| dle_sub_agree boolean| allow_dle_delete_news boolean| dle_search_delay string| dle_search_value object| Shares object| google_tag_manager object| google_tag_data object| FB object| AMSP function| Fingerprint2 object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| openTab function| vbm object| VAST_LIST object| h number| pushy_loaded object| __buffer function| sw_text string| ajax_root object| header number| headerPos number| headerHeight number| stickyHide function| AdVast function| AdHumanitarianFive object| data object| r function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| adpnExecutions object| aliveChecks boolean| adpnLoaded function| X2JS function| VbmVideo object| viboomGa function| 31aeb6078a58f6d2 object| Ya object| viboomYM function| MXoverrollClose object| _6238012052 function| aidataSendEvent function| aidataRefreshEventListeners object| GoogleGcLKhOms object| google_image_requests object| criteo_syncframe_state

52 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/af Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
friends.in.ua/ Name: PHPSESSID
Value: nm9am206de81hj0i9kt73rqta5
franecki.net/ Name: CM_redirector
Value: 248ee93da
.friends.in.ua/ Name: _ga
Value: GA1.3.280957019.1664946246
.friends.in.ua/ Name: _gid
Value: GA1.3.749856625.1664946246
.friends.in.ua/ Name: _gat
Value: 1
.friends.in.ua/ Name: _gat_gtag_UA_60815340_5
Value: 1
friends.in.ua/ Name: hideModal
Value: true
.reichelcormier.bid/ Name: ADWUID
Value: 633d10e00a26414069625101
franecki.net/ Name: ADWUID
Value: 633d10e00a26414069625101
quitzon.net/ Name: ADWUID
Value: 633d10e00a26414069625101
quitzon.net/ Name: CM_redirector
Value: 248ee93da
godsave.lgbt/ Name: ADWUID
Value: 633d10e00a26414069625101
godsave.lgbt/ Name: CM_redirector
Value: 248ee93da
.franecki.net/ Name: ADWUID
Value: 633d10e00a26414069625101
franecki.net/ Name: DMPID
Value: 633d10e00a26414069625101
.franecki.net/ Name: DMPID
Value: 633d10e00a26414069625101
franecki.net/ Name: DMPHASH
Value:
.franecki.net/ Name: DMPHASH
Value:
franecki.net/ Name: CPOOL
Value: 4
franecki.net/ Name: BNR_109268
Value: 1665032646%7C1%7C1664946246
bashirian.biz/ Name: ADWUID
Value: 633d10e00a26414069625101
bashirian.biz/ Name: CM_redirector
Value: 248ee93da
0qq20ey4fo5veh0t.wisokykulas.bid/ Name: ADWUID
Value: 633d10e00a26414069625101
0qq20ey4fo5veh0t.wisokykulas.bid/ Name: CM_redirector
Value: 248ee93da
buckridge.link/ Name: ADWUID
Value: 633d10e00a26414069625101
buckridge.link/ Name: CM_redirector
Value: 248ee93da
.aidata.io/ Name: __upin
Value: GUhsHCRIUb7W4q27fB+pkQ
.aidata.io/ Name: __upints
Value: 1664946247
.friends.in.ua/ Name: _gat_gtag_UA_57015589_1
Value: 1
.friends.in.ua/ Name: _ym_uid
Value: 166494624878543126
.friends.in.ua/ Name: _ym_d
Value: 1664946248
.yandex.ru/ Name: yandexuid
Value: 1949307651664946247
.yandex.ru/ Name: yuidss
Value: 1949307651664946247
mc.yandex.ru/ Name: yabs-sid
Value: 1334771381664946247
.yandex.ru/ Name: i
Value: GyOeQNUkm0cwx5UOD77L+ynb5PbmS1IZJAw1v/ZPFf/PQZJcrOyDfBKhDOpmd2RFIGbYAHicCeIeIs18wr8TOi7RmN4=
.yandex.ru/ Name: ymex
Value: 1696482247.yrts.1664946247#1696482247.yrtsi.1664946247
x01.aidata.io/ Name: livin
Value: 1
.adnxs.com/ Name: uuid2
Value: 7069281149188091664
.friends.in.ua/ Name: _ym_isad
Value: 2
.adnxs.com/ Name: icu
Value: ChgIx6J5EAoYAyADKAMwyKD0mQY4A0ADSAMQyKD0mQYYAg..
.doubleclick.net/ Name: IDE
Value: AHWqTUmSFwrY1nWnCTsY_tTPPgLQq_eWngpCZ1Lc1JOSXfATCBIuX3JYDJm8oB2QCE4
.friends.in.ua/ Name: __gads
Value: ID=2b344166dd3221cf:T=1664946246:S=ALNI_MaOcypoQBgEzL3UgWV4zUms-FKE5A
.go.affec.tv/ Name: oo
Value: 1
.go.affec.tv/ Name: ck
Value: 633d1048f0d4f3000172c13d
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY2NDk0NjI0OCwiaWQiOiI3MDY5MjgxMTQ5MTg4MDkxNjY0IiwibHMiOjE2NjQ5NDYyNDh9LCJ2IjowfQ==|1664946248|85bb6e379e7a6132b3fa250a00b7d7eca1ec2ec5
.krxd.net/ Name: _kuid_
Value: PHn8gYVF
.myvisualiq.net/ Name: c
Value: 1664946251
.myvisualiq.net/ Name: tuuid_lu
Value: 1664946251
.myvisualiq.net/ Name: tuuid
Value: 93d91623-3edb-4ae6-842e-65aa1293a030
.criteo.com/ Name: uid
Value: 2ae648b5-53ab-4855-8039-8271cde06dae

16 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://sholke.com/r/p.html?f=nemtdqdon&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://sholke.com/r/p.html?f=ktlghlouxp&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://sholke.com/r/p.html?f=cgjxxle&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://sholke.com/r/p.html?f=oyfdjywa&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://sholke.com/r/p.html?f=ihgvalvhu&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://sholke.com/r/p.html?f=snhgrrt&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://sholke.com/r/p.html?f=deriin&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.
security error URL: https://sholke.com/r/p.html?f=jbsaxzrm&e=1786821995930
Message:
Refused to execute script from 'https://go.affec.tv/px' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0qq20ey4fo5veh0t.wisokykulas.bid
9a542a62a474b891d7e38d3a57fb71a5.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
ams3-ib.adnxs.com
aurabom.ru
bashirian.biz
beacon.krxd.net
bidder.criteo.com
buckridge.link
c.evidon.com
cdn.adnxs.com
cdn.doubleverify.com
connect.facebook.net
counter.yadro.ru
data00.adlooxtracking.com
fonts.googleapis.com
fonts.gstatic.com
franecki.net
friends.in.ua
go.affec.tv
godsave.lgbt
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.adpone.com
i.clean.gg
ib.adnxs.com
j.adlooxtracking.com
kodir2.github.io
l.betrad.com
map.go.affec.tv
mc.yandex.ru
mug.criteo.com
mxtads.com
pagead2.googlesyndication.com
partner.googleadservices.com
prg.smartadserver.com
quitzon.net
reichelcormier.bid
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
rtbcdn.doubleverify.com
s.sarafan.fun
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
sholke.com
static.criteo.net
stats.myangular.life
t.illuma-tech.com
t.myvisualiq.net
test.takedwn.ws
tpc.googlesyndication.com
tps.doubleverify.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.megastock.ru
x01.aidata.io
141.95.45.78
142.250.180.194
142.250.180.198
142.250.186.130
148.251.247.92
151.101.1.108
151.101.65.108
176.9.86.122
178.162.159.92
178.250.0.157
178.250.2.131
18.203.64.12
185.89.210.141
185.89.210.212
185.89.211.132
212.118.48.164
212.224.112.249
213.196.39.165
23.205.241.144
2606:4700:20::ac43:49e4
2606:50c0:8002::153
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::2004
2a00:1450:400d:807::2008
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2002
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:585::4469
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
3.122.138.253
34.149.12.213
34.95.69.49
35.241.31.249
37.187.24.88
52.210.76.91
52.23.139.110
54.72.111.18
63.32.155.38
65.9.66.87
81.17.55.98
88.212.201.198
89.108.120.68
89.149.200.234
91.240.20.7
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01eb2db1f440f089c2b59dc55fca9733225906a2af5cd8c2506e3364840c1877
01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442
027ef4099a9abb6d8cd6b9b5e6d1eab6074580d033f8c67877c7cc1a11c8b5a1
02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4
0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
045fa110a4973043ed9d4c2e023ed09030040f5c6b614ad729f45675e5810263
0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e
0627e2de3ed07693664eed5c932c94daed9d98b3f10043914b93c34b83e8627c
080f5fc502880f80dcd57b12367d688b946283db3525e722a164e84025532fbd
090ae6d3b5dbc4d9c7bd9f0f9b12e5b7a4a80485b64139445b5b157fc74c53c3
0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b
09a4807379c8dbb95b72fb6d300b8d6a4ebb5048d98df6583893b9d871e99a61
0a68293ef85b8c9d40041be52e6382da5dfa3ca897627a4f58af54895287d7bb
0c1e40e99923109f31cc5674720dd10ca5f757aeeccc60c750efede4054678fd
0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c83f652b7b0d8143fd24a0c2dc31504e59480b7fd4255a1f1400e3b8e3d43de
0e1c15d159d08a6083b8c9e50b6f08308a348106bf60b385300761cb816574c0
0e4bf2a6514acb56b7a7c1040fc1832aef24c59db47234c38599021611468606
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf
18e618623f45775fc9cf4c362a7a226b1de8cde5117b858eb60e14cbb2a9a1ef
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add
19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459
1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e
1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51
1eb7e2bcd2b65c17f5c658b19c297a4e8061f4c3f249ab09196179fb50473151
1fb930176fd6bf0f5290efb83af733099c0974100f0cdf42e80dc944db46ccdd
1fc4150ef7c77c928e9ec44858aed80b40ca49c6ffb59f87d7698a2d99ccb9cd
2072b344a4c1604ce23e31d3f4cd6b54934adb30b360113553a4873bf08232e8
216db878858f983f4aa17e422e00ff9fa80a9a50941f9f0e3f5aa4a77297aa56
2228a0b683bc8f4fb23a7ae799d6d6a0effc8143b0d4cff7d0f74f5c30ab5717
2322d95384d0a42987fd05817743fb27805d7ab82f918b7f14619023f0854dc5
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
25e06362bf019c5bca6144ff1f865cd9d4b6dc71961b63f102f00ac3dc47dc44
26c1055d87ef81bd223708ab6db9f5b302efd683ff7132c338cfa14b4e082cbb
2912715da3714b88f4aca308e1fcf382b195729f8dfe3a2cc3146cec8c43c1de
29bbf2b167c962be2d097895beff12fbf52280a4cd4ddbea9ecf5fae40b1adea
2ebd8f4b206d3cc70d859e3b0c7dfb47e21f79b0d925a50a94353334e8c72e5d
2f52041fa177a27da84d924c540696137f264ea9a7f29ae6981d2c07b262d986
304f1eaeafa5bb03ae53acf7a1045412ad05d1afe7c5335d0075c5a1adbcc149
309fb9d17db1beaf94bbdbc62c9a6d764b7574af63db15442c19a5257a038327
32a9235b760199923caee53c00c27522b9a7344ec5e7547ec84e69834a5d37b1
33e4a02476f296bcf7fa2b8e925a984d5663524962eef15fd4f30a2f62b6d29e
351085b836eac6830b84a6917bf7330d4b8de3bf9ec8feb52ff3ffc1ec61544d
363ccdf06428224471488086dcb2003cb37375978a93cee3dc0f04536d4a0de6
371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952
39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64
39b6618099aa4a22a8187b0cd248583d63df1f1113ec3770f49be6e4433a0f79
39d48a40d78c8a90a13055b780f89dab1ac990992594a8e9b6d2eee39f79420e
3c8dc5ae9e043f688c30fcbb35619ddfb632733747471c803301fb23fc7dc21b
3d2c19c70416e84216783738fae9623c624eb7049c401bd90b218f3f5646d7f3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fd3db8ce7fd2cdb94a91c31943a479bde1af254e9fcae83e0f3559bb7a99d51
403c0e1e97789c75bc117d111b4462758a4243118cdcfe5858b55d35a03810ef
425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874
4583b20b71a970b8b8c1b628041b948635a6a06bb8d229c51046376dae3c80f9
45c55ac479fbe676c7ffe1238b0648766c3e377ee4cacb8de33a5b92a378a5ea
46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd
479eb0a60fcc13a65e631985de2ff415d416c84f53265014a31cc12ca2c91e7f
480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0
4842e7f28ce31b8044560bb63762638d957dae394c1b18b24808a2d459886d4c
486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9
4941d02cb94ba17abdab02b4baa3fe5a12cca24abf1675064914fc303ff11efe
4a75c66f062272ef990890d3c3f5512acd5b226d96ff6b681be45940bbfd5e34
4b43120f0be776c26b2b624d3632ab69f8419124d1f280d61c45e09cf6af33e1
4d3bb41c18c870df8c7ea0d5dcedfc013a5102a01c0bc22cc78fed63ec669b23
4e3cf60495dca6411d155372c42aa62f07a6f0c5792f016cff361dd7a3965b20
4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511f3490b92ee978941e7b2e59578b6406e9528a2775f67b37d5b18f3a384f6c
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187
52eb7a07438ebdc24f89c4b1f74f57ca82d66203b0d23981d8b9b37ff9ac343f
53afc3a3b914c01577cef9bdfc8bf51fd54472c90616376cf80a9eafadcc315e
53ed2416e0f25590e6b400cf443e06615a0b40cddbf5a90eda5cead01b78c4b9
53f5a8c40cce2b52db685149304af9752cabc981cb8eddabc4bc1642e0ddda56
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4
5885a54db7d6039ea505d57f5642e5e8ac558befd30a24422bc3933e0e103aaa
58aca9a50d520a84ff24eb7055888a762e881d0101260242dcb1c8fe9da83e99
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a97341f8b59d56b7c3e87a0370d63376122b0c9d680a1e20f15870d7d4bd83d
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d
5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e
5d3e78e83bad8162b08b4ab6c3e5f62b19c15973a51fe22855249a13d5f715d2
5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa
5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836
5f3633721bc9540be94e8c7897a326fadd9e795823c410b7ab28abbd6f08ca21
5f5e0ffa32fd250048c345a9e0c49b670a4467e31c580f4fa4185d74483c4729
5ffa97740452736898a60bf7040ad3e194327fc967760751f3cc05d7769eede3
600612fe49e1e39ab8ccff7d0f5261e65e810c008ab71b8a8dd4901ac8f8cdbe
60ae7bb89aea22f8b442b26d709c1db708ea2afd87ec400116814c9091c50aae
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620a863c35c72ca2f0c1fc73b773dfa5cf3330f096e82a428e10a0fcf5a41b9a
63be0686efc30c972da71dc410cd58ae2b0240aff933d1b50652c5caef1b8a3a
66a648204ae2be6d2b10389902bb3c78a25f47f0223c8dc967adb17d88ea4d82
6845b6896e74c6be8da223ccf09aa5556c1bb53bd3b947c1f91408e8df31871f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
686e939ca3963e076e64ab8e94bbf7307246897b17ea31636f30d4d1a4b932e7
68f308a3c18a93295ef2931fc6a596de9ff381e6399b480fe2de3b77c6bae6e1
69d68a19d0a1b873c533d181ee2d77d2b98e4ad2574c955855d204a8ba3c93a2
6ad1b5f4f6a16a10ce4cb2c275f4f3f3db4d5c1cf487d6abfb51894af4dda90b
6b3aae8d5c0fdbaa1f266cfa5272aae78f9b9a180ef43d4280ff3f5b23bc6d01
6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc
6c7d21820d8c95a22e9f43a0f6de2bd01040f1ada1db0fad8826a9472777d8b7
6d5466f76fd227a2029054e09c132479983ab4697f45efb622f8294ca44f0423
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
7037c2c685cb085e0dc42b3b36863d798cb5d2dc898ba382097498b0af0def72
7258e5031b7e0c11836aa6f93982492a25dbb5aaa757eb580257ec1fbc1d9cb0
740e828170f6fbf1038b634e2b707e13b9d3efd99d970081e31862c53f592591
7470481dd9116d39ce52ffef3ba6e4f13fbe26fb7412bc5db9231f93314e119d
75b79012e2d2d2600ec7f91783f319aa75d867e7feabccd943045af6fcf2540f
774841f7f3e43fb33b6cc8b2716400ac6d5ca51611b0833f29447ca0258d23fe
77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3
7938c2ff019c1761fceaf068e2d881edfea7ec533b15ee386e10ef1d9afd8137
7a647079f1d21bfd8b86f7e8c0dfc6545a4022b4114adb33ea5766da7d0c781f
7c5c79e25d5702fd716c8be193096f2dad6f96ef88f8a304ff8b01289224b24e
7d3a7e7199b391db7fb524f30850024e5d78d0cc0351b6b19d64df33c054c2dc
8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8
825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66
84f86f662a5c1711ee6a5599ba05cf51a9383dfa460e43ad68c27acfab6fddf8
855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254
892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b
8a619c113ea6042c55f99a75b34a10ad032fb1f817a614144a5e7cdba5b38c28
8acb2901019abb489e6744b1309eef3d46347f372f88d5d69015591939c6f53f
8b75164d0bc8bb03e67016c72697b2211bbf9b9f8cb43b8aa010d26d5b766b15
8c851ca97c012ecb1ff51d5a1c5c103d1963e3d39007e7f7a90749b21e94858b
8c8e597124eb829d4c18010e9498a7911c5b77996d3d1c8e74324a33dfffab78
8ca4233eefee59f7a233f8c2f33000cd3211d91006bcfb6818c20da79d2b1918
8cb9f3311deb33c6fa63d01af5dee7bc21943abf45f767093d8587c7210757ae
8cd30bdade386d9a2cf9f9740743490cabdb616a07bd9d9c06f82c46b9382571
8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e
8df9ebf946edc1534246020fcf80d389a87c92f9f999a48c577673298d281b29
8e541fe13532c4ee1bde21ed75e710a4d436f393dcf34080d2627b626a064783
8ecc93ad96e703f108ae165143026978ee581790b7186af002102bcb536d6878
8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914
90d4fc09ac4f71dfbc2ce62fa5aef48b8d4fe0b8d84278943ff4afa3fb9d2bca
90f31d7ec5f8ad1653805597c52a9223ac01fc437bda9cc6646edb8cef74b6cd
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
91b6795f67761fdfd9a0953af510ed66f0e0d42ca3157c71200030bffba91393
91f52d775b50f8cfc52cc4c51adc1179a9a4ee65e3c9274edf55a642409ed8fc
94915ac099f5ca10fe361655223fcb04e89daa83367829c2c8fa9b9357912261
94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866
94e8b99f224b394ce1a5031b2f1742c551f635eed13a813716a475d8275f46c5
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
99703aad857a9562216518b1aa196121c423c2af743156438ae2b1e30e9ac11a
99f22b41ec6e96d685dfaad61b30fd290392a7533e58ce523dcf9eee53d459f8
9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7
9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8
9b2122e15b2da9ba2f0059e8d368d06b74311515c0653bc747d3d6b117acb1d5
9b78e8a878c34b8be71de84983a5fdfd8298b29159f6df6aac9e877ac17ff0d2
9ca899b0ece9e303d13aa03a73f1e0506537e2a9c3d4eaa17ec74b626944afc0
9d6fa08725c37fcffa46428609d390afba3fabd3f4efbbd551bff16006d94d4e
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9df4f15430d3c3ecf3dc04d57fac9fa62ee768464cec28145f33765abd5eb7bf
a00f713ac3c1e56e1a5f9a92e0744d7b40b3c94ff9c5526b048e2547f867d029
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a21fd319444bfdf326ca107a85d2fdeb38c53042caabe363b441d923f22439d1
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a3d0f082a00a8246b6d228e59fb7648b54977c7c9ed91e576f2b445c9e349869
a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4
a65970eb3bbac287ee9adc7ec325dc9ba71df20c00df16e6aed8aa92f1f7b637
a6dda527298c0b8c28192e0300b3827c1f28e06803458b949f5c05d4aac44d3a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ea37119ce5b5d454561269b0f691cdf2ecf5dcde9ac392516a828861f49ea6
a98859a06a5d54bc094c0d0c65c42972c38eea07c5c9f3b3fdba600ca35fe69c
aa7b6be652ae0d71e1a84a2dc95aea3ba4882b51f947182450c860573ba56be0
ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621
abd981d1d2dd3eaf724234dce2f17d1dad9ec8229bdd7b88b86ce0f98944cdcb
ac87c7592329fb136ad7b708c1f131377d6051b649b5b3bc5ea7b73e9ca06b83
adf7d809294b4ff2720377059881a98f3be0c44e29f58091dcf148e82c4240d8
ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b037ba0598ec77c1f79ffdf184d982b8245725deb557a0d8b5d4b48feaf78fcc
b0f87452b6c5dfe646057214eec42f400d6f9e8597a9676f633de1838b359f2d
b25afe836fe01228950b19da4d18283305bf86d810c9c29f1aaa0b54987c098e
b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b37eed3e8e005cc46768426098e555923876711f6bc99532264d267273d0c230
b3d7038e6de59b491dbd1106574b963cfd9c86132da7ad98adf20497ab64dca6
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5613a563cf22229f4ebd593c664e02a58837efd1fb47a93e0fa7b4e1b9f5b37
b62e41470c1ea230f6c98660f2fd4f8f43a2617762988c848d78b46aeb669c61
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b88c79d595d13dfcca3db322f0b1c9ee654901db33057162d87743be8e647327
b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e
ba08e2f893a29a98b41931ac403b3fb512b21fcb47e254c251e52f892454be19
ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46
bb9b6fc32ebc21ccf120c8569d7234e839200d44bfb1ccd7890785f3fb0e0fe7
bd4a5ebd77ca7caeb1413b5a37eca762d38c9e1d0705f32d31259078064fcc3b
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c1944cadc3cc35becd75927386db10afe5504cca6c7977ae2c42e5c7f8496191
c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f
c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308
c4534a51a5bb40c29f40ab5b70a5081e86b34c770b50d1446db2890b0def8fdc
c4e2537b9bd1d0a6b1ced6f187a6021f132561b61e7426d539cd4e1a87d08230
c5008a39ea338d4746654aabff5c6cc84f1f2dfebe07c0235b12f3684ff61951
c541bb1bb0311d73908bdda3985cdd96b052dfe631a257f63257432b5641307e
c5a8e6a4a1f3a0ead7935f5c0114d379dfb111cc8f63e8182732d85f4eb5fde8
c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973
c663affba96bfa7878e01c0ddaac111c35a0dc75f8e8ec304f30a5f50bb88f93
c6b005f5932f4947535aeb04ec796d28ac793e484fffd71b79b232506138dfec
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4
c823c44a9ffcfe4d471985234785be3600248e87f8de025bfd2023a9fa48c638
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9fdacf507c8e4f5c525df0a5749cc9029031c27a92cda801f1fa38375f06535
ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423
ca86b63e5da3d509ca1e7fc814ff18589853d11bf147943001262b342c13a1ba
cac7dddfd848d7e8a382041db220990c8008e062d0c39802494a43c2f590f9a9
cbe5115094456c10685f3454e131d48d4f40d4ae7dd4e6b1e7af453fe0ee0501
ccb838b8df3f7beb0ab226d5d625933594ef65d16a8b62f4a5ec3ef2a572a384
cd41cd943f982d676c19e9e786fd7ddb808383139b9ef86897663284308a3b10
cd96f372517f2aa00ad5e7ac2c3d01296a80122852d07f12df5722d3faadd338
cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d
ceef2c7442a7c16af14ced2f73647567416379b68bfc95ee227b99c1119c4b4d
ceff9eda6c9f3949aaae308c67e5a247f583cfe2f7144eb92c9357faf0f654b0
cf66c7ae342b7965a597696c3fd4a2bdec112e4899a25b4f3e73a958fd79dcbe
cf9ce312d39963aa2c755712a8dc205faa6930a6bb3b8b804ee6c00c9036a344
d194e1349888f5622daa8347a4e62864ce252ba18ba2598ad41f8108a093e802
d246b1bf203aacd7e71fb72e454878bf92fa562d3bde221e897d554e807bf43b
d41883b69b87c3c0e651d52ff6d1b0b3510123b4d9b4af3de2f6c34cbef3917e
d66f33be56fbc9ac8c56b8a9f402681039e443aa600d08a6ac738b69ff2c9589
d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a
d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee
dd2059dd98af175f39c3480a0e0db9b47370d3b11ab0eeb69100532abd389718
de090f509204b8071e87400dea9580912fb4ba1e7fd771e0e92a104fb07633c1
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
defb36c068311c70e18e287848d67e949bf28231fbda84f8195230af93264ffe
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e1c7f2cf6f0543813cbec81aa43d1dead26657b3e497dcb0b366a4bce7e7e7ff
e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e458b52e4e805d803d4075f2546c869edad223996a5da12e810ba748e1ffaed8
e4b2e8b875ed62f4d30234ef7ecafbfd59377334ee927a645470a8b522b843ae
e5bccba5073828e61b7be4f11cd0ef35ad5eb848ba11c7aa4051f7c08b508712
e5efe77ddc5177b5796fae7c6bc7ceee3a92b36c7b080a2863184a8a7903ee65
e6306e70be0972a581fac53d7d114296d4e8d81cd56ac85c8018c9e4cc7bd510
e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52
eb3a9257c5a34558ff23fc6805d348b2b173f77d971f0f1ac116abb213bf314a
eb9e53d22eac938bc21678a0fcd30d0f279e0b4d6fdae9f87d79cfe1ee4afcc7
ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012
ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02a298299ee39eeaa176665bbf5960d01638638b01cbebfd59429e3e320c159
f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801
f2422b1a31ccc40cf12980e692b48814447f8b52511ca4507bf3db00a034fc11
f2afc0de9e1ef49986fc827a463dfacbb7b8f36119d34ad81e2441e1c770726d
f3b2476a36567877a817b0481d4e70d85248683eda28c03d0e46016313e50b61
f41120c9bfda2291b2b0c84043f621af033e890b61e5aaf1b62c8312f1383fe3
f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d
f503f946755018ce89f4d10e137a20764541934ab6f84151b3f5a753046c07f6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7d20d8570ddfda3856b29542ac701a297dc3a027c005e78df1dd972323a6bcb
f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5
f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73
f9fd3253372e67937b5afa84f6b25ca46ab8de48c8e6d384c6c6c1c77d4826c8